VMWare configuration

[mindobjects]

Hi,

I have an host PC with a VMWare install on it.

When LooknStop is active (filtering on), I have no traffic available from the VM machine.

My question is simple : How I can unable traffic for the VM (for in and out) ?

Thanks for your answers at advance.

Alain
P.S: I already done this from my current Host PC without any problem, but I can't find anywhere how the VMWare is seeing (in NAT) by LooknStop.

[Frederic]

Hi,

Do you have something in Look 'n' Stop log ?

Could you confirm you are talking about the Look 'n' Stop installed and running on the host and not in the VM ?

Thanks,

Frederic

[mindobjects]

Nothing inside the log, that's my problem
And YES it's inside the host that LooknStop run not inside the VM.
The problem is the OS inside the VM doesn't access anything (http Web for example) and the same application running (for example IE) inside the host's OS works correctly.
If I disable the LooknStop filtering inside host of VM Ware, machine inside VM Ware works fine ...

[tweed]

Well, LnS is WAY easier than the other big 3 or 4 FW's... I left the VMware LnS stock then created [IN the host PC's install of LnS 2 RULES...

1) named ALLOW UDP
Ethernet TYPE: IPV4 [changes to this even if you set to IP
Ip Protocol: UDP
SOURCE Ethernet address: [on left side] set to EQUALS then the IP address of the VMware machine. do START/RUN/type CMD/ then type ipconfig /all

Below that:
IP address: EQUALS TCP/UDP port ALL and then YOUR STATIC ipaddress of your VMware machine ie. 192.168.1.xxx

SO: NOW.... on the right side set everything to ALL Ethernet address and IP address and TCP port.



NOW... create another rules and do the SMAE as the above only the third thing down in the rule wher it say Ip protocol make that TCP



Now.... in another post Frederic comments that the way I explained it [not as good as above I think]
it seemed I was allowing everything in to the VMware machine..

SO there's probably a better way though this seems very logic..
The thing I didn't make clear I think is that I have LnS installed on the VMware machine which STOPS everything I want it to...
and it's ONLY the IP/Mac of my VMware machine that is let through the main PC...

I'm gonna post on the other thread and ask Frederic to look at this post..

[Frederic]

Hi tweed,

The case here is different because we are talking about the Look 'n' Stop running on the host.
Also it seems the VMWare configuration is NAT and not Bridged.

mindobjects, is there any reason why you prefer the NAT configuration than the Bridged one (which is easier I think, and doesn't require nothing on the host) ?

If there is nothing in the Log, you have to confirm first the problem is really coming from the Internet Filtering and not Application Filtering.
To do so, just disable the Internet Filtering (instead of stopping Look 'n' Stop) and check if the access is working from the VM.

Thanks,

Frederic

[Frederic]

Hi,

I've checked again my Look 'n' Stop configuration on the host, and actually I had added two rules (I didn't remember that ) to allow VMs to connect.

When a VM machine sends a packet, it is also seen by Look 'n' Stop on the host, and the IP source is not the IP of the host but the IP of the VM.
Therefore I've duplicated the two rules:
- UDP: Authorize name resolution
- TCP: Authorize most common internet services
and in the IP source zone, instead of selecting "equal my@" I've selected "in range 192.168.0.x - 192.168.0.y" x & y depending on the IP address your VMs can obtain.

Also if one of the VMs is under Vista, the local port needs to be updated.
By default 1024-5000 is Ok. But for a VM under Vista, I've added two rules (duplicate of the two previous ones) changing the 1024-5000 to 49152-65535.

This is with a Bridged mode.

Frederic

[tweed]

Yes I am running bridged...!
Works great.... [man, did I have trouble with ALL the other big 3 or 4 top FW's - I'm a total believer in LnS - gotta be a bit passionate after finding a sexy and light! FW that works and is understandable [important that!] and FULL featured.. Love the mac/ip filtering and all ]

So... on the VMware thing:
I am still thinking and understanding better after I think more, I hope...
Thanks!