Interesting point...however as it is a nix-based guest, I'm not too clear about how to harden it. Similar to the Citrix Merchandising Server, there's no real console to connect to besides the web interface and no guidance on how to secure it. Any useful links anyone might be able to share regarding this? Please don't ask me what nix flavour it is... :-o
Sent from my Blackberry, which may be an antique but delivers email RELIABLY -----Original Message----- From: "Andrew S. Baker" <asbz...@gmail.com> Date: Fri, 25 Jan 2013 09:40:17 To: NT System Admin Issues<ntsysadmin@lyris.sunbelt-software.com> Reply-To: "NT System Admin Issues" <ntsysadmin@lyris.sunbelt-software.com> Subject: Re: Networking stuff.....oo-er May sure you are protecting that guest appropriately. I'm not sure why you wouldn't have been able to do what Ben suggested, though. *ASB **http://XeeMe.com/AndrewBaker* <http://xeeme.com/AndrewBaker>* **Providing Virtual CIO Services (IT Operations & Information Security) for the SMB market…*** On Fri, Jan 25, 2013 at 8:26 AM, James Rankin <kz2...@googlemail.com> wrote: > Thanks for all the help guys. I finally managed to shoehorn the VM into > running in Bridged mode, and as was pointed out to me, this seems to have > made all the difference. > > I can now access my funky new DataNow home appliance from the internet and > kick DropBox and Google Drive into touch :-) > > Cheers, > > > > JR > > > On 25 January 2013 12:23, James Rankin <kz2...@googlemail.com> wrote: > >> Unfortunately the guest won't work in a bridged configuration. God knows >> why. It also can't be configured with a second network card for some >> reason, which again reduces my options :-( >> >> Hazen emailed me offline to try using VMWare's own internal NAT port >> forwarding to see if we could push the traffic through by forwarding it to >> the host first, as you've suggested also. I'm giving that a try now. >> >> Cheers, >> >> >> JR >> >> >> On 25 January 2013 12:17, Ben Scott <mailvor...@gmail.com> wrote: >> >>> On Fri, Jan 25, 2013 at 5:36 AM, James Rankin <kz2...@googlemail.com> >>> wrote: >>> > I'm trying to configure my home router to do some port forwarding onto >>> a >>> > device on my internal network. However, this is a VMWare Workstation >>> guest >>> > using NAT networking so it has an address on a different range >>> > (192.168.183.x) rather than the home network's default range >>> (192.168.1.x) >>> >>> I presume the VMware host is doing the NAT for the guest. If so, as >>> far as BT router is concerned, the VMware host *is* the guest. The >>> host translates the guest's packets so they appear to be coming from >>> the host itself. That's the whole point of NAT, after all. :) >>> >>> You would need to forward the port on the BT router to the VM host, >>> and then have VMware's internal router forward the packets again to >>> the guest. I don't know if VMware's router implementation can do port >>> forwarding. >>> >>> Can you change the IP address and net on the guest without breaking >>> things? If so, is it okay to switch VMware to bridged mode and just >>> put it on your home LAN? If feasible, that's likely the easiest >>> solution. >>> >>> If not: You could prolly do this with a cheap home router (like a >>> LinkSys WRT* box) and a second network interface in the host. On the >>> host, unbind all the OS (Windows) protocols from the second interface. >>> In VMware, bridge the second interface to the guest, no NAT or DHCP. >>> Plug the "Local" side of the new router into the second interface. >>> Plug the "Internet" side of the new router into your main home LAN. >>> On the BT router, port-forward from the Internet to the new router's >>> main home LAN address. On the new router, port-forward from the main >>> home LAN to the guest. >>> >>> -- Ben >>> >>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
