Announcement

Collapse
No announcement yet.

Internet on Guest only

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Internet on Guest only

    This is about 'VMware Workstation 6':

    I'm looking for a way to only connect to the internet on a Virtual Machine, not on the physical host.


    In other words:
    There should be no connection 'physical PC -> Internet'
    There should be only connection 'Virtual PC -> Internet'

    Could someone guide me in detail how this could be done?

    Thanks in advance,
    Andy
    Last edited by durexlw; 27th August 2008, 20:12.

  • #2
    Re: Internet on Guest only

    Well - where are you going to fit the physical Network Card the VM will need to connect to the internet??? Because at the moment, as far as I know, the VM will need to use the physical NIC which is connected to the HOST, to talk to the network. So - if the VM can talk to the network, then so must the host be able to.

    The only way you could possibly achieve this is using a service OUTSIDE the Host/VM pair; for instance a firewall which blocks the IP address of the Host but allows the IP address of the VM.


    VM ----> HOST -----> NETWORK -----> INTERNET <---- this works

    VM ----> HOST -- X --> NETWORK -----> INTERNET <---- this does not.


    Tom
    For my own and your protection, I do not provide support by private message under any circumstances. All such messages will be deleted and ignored.

    Anything you say will be misquoted and used against you

    Comment


    • #3
      Re: Internet on Guest only

      Thanks for the reply man, I appreciate the input.

      Originally posted by Stonelaughter View Post
      Well - where are you going to fit the physical Network Card the VM will need to connect to the internet??? Because at the moment, as far as I know, the VM will need to use the physical NIC which is connected to the HOST, to talk to the network. So - if the VM can talk to the network, then so must the host be able to.
      That's right: it requires a physical NIC, but I'm confident Host does not have to have a connection to internet to have a VM connect to internet.
      For example: on the host, unchecking 'TCP-IP' and all other protocols, would leave the physical NIC available, and break the connection host->internet.

      Another way would be: A bridged network gets a physical address on the network, so on the physical host, I could give a bogus IP, like 10.0.0.0
      This would leave the physical NIC installed, with all needed protocols. The physical PC would not be connected to the internet and the Virtual Machine would have a connection to internet.

      Anyway, in that case, I should route internet so it connects to the VM... and for this, I lack the proper knowledge.
      Would anybody know how to do this?

      Originally posted by Stonelaughter View Post
      The only way you could possibly achieve this is using a service OUTSIDE the Host/VM pair; for instance a firewall which blocks the IP address of the Host but allows the IP address of the VM.


      VM ----> HOST -----> NETWORK -----> INTERNET <---- this works

      VM ----> HOST -- X --> NETWORK -----> INTERNET <---- this does not.
      I believe this is a variant of the above procedure: break the connection to the physical NIC, but leaving the physical NIC and it's connection intact.
      I have no firewall, so I'm looking for other options.

      Comment


      • #4
        Re: Internet on Guest only

        Simply unbind the TCP/IP protocol from the bindings of the host's physical adapter but leave the VMware Bridge protocol binding enabled.

        This will result in the VM having TCP/IP connectivity to the pysical network, however, the host will not.

        Also, the VM will have to be configured to use the bridged network adapter (VMNET0)

        Jas
        VCDX3 #34, VCDX4, VCDX5, VCAP4-DCA #14, VCAP4-DCD #35, VCAP5-DCD, VCPx4, vEXPERTx4, MCSEx3, MCSAx2, MCP, CCAx2, A+
        boche.net - VMware Virtualization Evangelist
        My advice has no warranties. Follow at your own risk.

        Comment


        • #5
          Re: Internet on Guest only

          Originally posted by jasonboche View Post
          Simply unbind the TCP/IP protocol from the bindings of the host's physical adapter but leave the VMware Bridge protocol binding enabled.

          This will result in the VM having TCP/IP connectivity to the pysical network, however, the host will not.

          Also, the VM will have to be configured to use the bridged network adapter (VMNET0)

          Jas
          You mean in my Network Connection, in the properties of my LAN, uncheck the TCP/IP Protocol?

          Is there anything more that needs to be done with this? I tried this before, and I couldn't make connection with my VM's to internet, even if they were set to bridge.

          Would you be willing to describe this in a bit more detail, what steps this exactly involves?

          Comment


          • #6
            Re: Internet on Guest only

            Originally posted by durexlw View Post
            You mean in my Network Connection, in the properties of my LAN, uncheck the TCP/IP Protocol?
            Yes

            Originally posted by durexlw View Post
            Is there anything more that needs to be done with this? I tried this before, and I couldn't make connection with my VM's to internet, even if they were set to bridge.

            Would you be willing to describe this in a bit more detail, what steps this exactly involves?
            Please see attached screens for the Host and VM.
            Attached Files
            VCDX3 #34, VCDX4, VCDX5, VCAP4-DCA #14, VCAP4-DCD #35, VCAP5-DCD, VCPx4, vEXPERTx4, MCSEx3, MCSAx2, MCP, CCAx2, A+
            boche.net - VMware Virtualization Evangelist
            My advice has no warranties. Follow at your own risk.

            Comment


            • #7
              Re: Internet on Guest only

              Originally posted by jasonboche View Post
              Please see attached screens for the Host and VM.
              Thanks a ton Jason. Your explanation has made all the difference.

              I had tried this before, and it didn't work... but after seeing a senior explain again, I knew something else had to be going on.
              It turned out my ISP has a policy where you can have only one IP per modem. Even if you release that one IP, before you request another IP from a different location, it turns out my ISP/modem won't allow it.

              Doing as you described, releasing my IP, resetting my modem, then requesting the IP on the VM, finally gave me the result I was looking for.

              It's making me really happy. I owe this one to your helping hand.


              -

              Maybe a word on the 'why' I'm chasing this:
              I've been experimenting in VM's to find configurations that are natively fairly bulletproof to spyware and viruses, without any anti-virus or anti-spyware and all that stuff.

              For a VM, if you just strip a Windows OS (with XP lite for example) from all, vulnerable components, like IE Explorer components, Outlook and adressbook and use firefox for browsing, I can run for months without having malware invading my PC.
              'A few months' isn't bad for a Virtual PC. Each month reverting to a snapshot ain't too bad. But installing a physical PC each month is a bit... well tiresome...

              Even while doing all my internet traffic solely on VM's, my physical PC still got infected. Virus scanners, anti-spyware turned out to be poor solutions, it takes hardly a few weeks before one gets trough and being connected to Internet seemed to be enough for this.
              I'm confident that having the connection 'Physical PC -> Internet' removed, will take care of this. No malware can go in or out if it has no connection to Internet.

              For what I can see, I have a contained environment where all internet traffic goes in and out, separated from my physical PC and it's OS. I predict it will now be a matter of reverting to snapshots, rather than still having to reinstall the OS on my physical PC.

              Thanks to your intervention I'll soon be able to see if my predictions hold up.

              Comment


              • #8
                Re: Internet on Guest only

                Glad to help.

                One can come up with some crazy solutions with VMware. I've designed a few environments in the past that were somewhat similar to yours where the host was physically wired to the cable modem, however, the VM on the host served as a firewall between the host (as well as a whole subnet of PCs) and the internet.
                VCDX3 #34, VCDX4, VCDX5, VCAP4-DCA #14, VCAP4-DCD #35, VCAP5-DCD, VCPx4, vEXPERTx4, MCSEx3, MCSAx2, MCP, CCAx2, A+
                boche.net - VMware Virtualization Evangelist
                My advice has no warranties. Follow at your own risk.

                Comment

                Working...
                X