On Saturday 23 June 2007, Carlos E. R. wrote: > (I'm new to vmware) > > vmware server created two interfaces, vmnet1 and vmnet8 - the task of each > one I have not clear -. The thing is, the hosted system (virtual machine) > does have network access (I told it to use Nat), but I don't really know > how, and whether it is protected by the firewall. > > Of course, if there is a nice, easy to read, howto, just tell me :-)
If you use nat it is protected by the firewall, protected in the sense that unless you go in and specifically configure a routing, no inbound connections will be forwarded to the virtual machine. So its just like being behind a router. You can establish outbound connection in the virtual machine using just about any package (web browser, telnet, ssh, email, etc). Its just like having a machine behind a little hardware router. Until or unless you open any inbound ports you are pretty well protected. If you wanted to run a ssh SERVER in a virtual machine, using nat you would have to go to /etc/vmware/vmnet8/nat and edit nat.conf to include a line something like this: [incomingtcp] # SSH 8889 = 192.168.90.128:22 This would accept inbound connections on port 8889 and route them to the virtual machine on port 22. You will then restart vmware, and as root in the host, you will see with netstat -anp that vmmet-natd is listening on port 8889 for you. If you do not need inbound connections, you don't have to do any of this. Warning: Anytime you update vmware, it has a habit of stomping all over your nat.conf so MAKE A BACKUP copy. -- _____________________________________ John Andersen
pgpx0TyWt6z9h.pgp
Description: PGP signature
