Quick VMWare question

In VMWare Workstation 10 how can I create a segmented virtual network (VMNet2) But still give it internet access?

Thanks.

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

jibbajabba

You mean VMs using solely VMNet2 and go out to the internet ?
[noparse]
You need to configure VMNet2 to be either Bridged or NATed.

However, for Bridged, you need an unused network card as VMNet0 is likely using your current networkcard for bridging. NAT is unlikely to work either as there is also already a NAT network (VMNet

and you can only have one NAT network.

If you do need an additional network then you could create an additional host only network and just use a VM acting as a router (If you don't know how to do this have a look at ClearOS).

So basically

1. VM Router
NIC 1 : VMNet0 or VMNet8
NIC 2 : VMNet2

2. VM
NIC 1 : VMNet2
[/noparse]

SephStorm

Hmm, I suppose i'll just switch them over to Brigded then, hopefully it won't mess up my Security Onion installation...

blargoe

Not sure what you are trying to accomplish, but if you use NAT, your VMs will be on a separate network segment, and use your host workstation's IP address for external (your LAN and your Internet) connections). That might be your best fit.

SephStorm

According to https://www.vmware.com/support/ws3/doc/ws32_network21.html

The host computer has an adapter on the NAT network (identical to the host-only adapter on the host-only network). This adapter allows the host and the virtual machines to communicate with each other for such purposes as file sharing. The NAT never forwards traffic from the host adapter.

Would this make the host computer vulnerable to anything running in the VMs? (i.e virus/worm)

blargoe

I think bridged would be more seceptible to spreading vulnerabilites since the VM's would be directly connected to the host's IP subnet (along with any other hosts he might have running at his home/office/whereever he is doing this).

You can turn off the file/print sharing on the VMnet adapter that is assocated with the NAT or host-only network, from the Windows host, just like with any other network adapter in Windows, to block that feature. I don't believe the VMs on the NAT network have have a way to directly access the host operating system other than the file sharing settings (which also have to be enabled/configured in the VM's settings, and even then is limited to whatever folder you configure for sharing with the VM).