VMWare configuration

Discussion in 'LnS English Forum' started by mindobjects, Apr 14, 2007.

Thread Status:
Not open for further replies.
  1. mindobjects

    mindobjects Registered Member

    Joined:
    Dec 17, 2005
    Posts:
    4
    Hi,

    I have a host PC with a VMware install on it.

    When LooknStop is active (filtering on), I have no traffic available from the VM machine.

    My question is simple: how can I enable traffic for the VM (in and out)?

    Thanks in advance for your answers.

    Alain
    P.S.: I have already done this from my current host PC without any problem, but I can't find anywhere how the VMware is seen (in NAT) by LooknStop.
     
  2. Frederic

    Frederic LnS Developer

    Joined:
    Jan 9, 2003
    Posts:
    4,354
    Location:
    France
    Hi,

    Do you have something in Look 'n' Stop log ?

    Could you confirm you are talking about the Look 'n' Stop installed and running on the host and not in the VM ?

    Thanks,

    Frederic
     
  3. mindobjects

    mindobjects Registered Member

    Joined:
    Dec 17, 2005
    Posts:
    4
    Nothing inside the log, that's my problem :)
    And YES, it's inside the host that LooknStop runs, not inside the VM.
    The problem is that the OS inside the VM doesn't access anything (HTTP web, for example), while the same application (for example IE) running inside the host's OS works correctly.
    If I disable the LooknStop filtering inside the host of VMware, the machine inside VMware works fine ...
     
    Last edited: Apr 14, 2007
  4. tweed

    tweed Registered Member

    Joined:
    Apr 2, 2007
    Posts:
    11
    Well, LnS is WAY easier than the other big 3 or 4 FW's... I left the VMware LnS stock then created [IN the host PC's install of LnS] 2 RULES...

    1) named ALLOW UDP
    Ethernet TYPE: IPV4 [changes to this even if you set to IP]
    Ip Protocol: UDP
    SOURCE Ethernet address: [on left side] set to EQUALS then the IP address of the VMware machine. do START/RUN/type CMD/ then type ipconfig /all

    Below that:
    IP address: EQUALS TCP/UDP port ALL and then YOUR STATIC ipaddress of your VMware machine ie. 192.168.1.xxx

    SO: NOW.... on the right side set everything to ALL Ethernet address and IP address and TCP port.



    NOW... create another rule and do the SAME as the above, only the third thing down in the rule where it says Ip protocol make that TCP



    Now.... in another post Frederic comments that the way I explained it [not as good as above I think]
    it seemed I was allowing everything in to the VMware machine..

    SO there's probably a better way though this seems very logical..
    The thing I didn't make clear I think is that I have LnS installed on the VMware machine which STOPS everything I want it to...
    and it's ONLY the IP/Mac of my VMware machine that is let through the main PC...

    I'm gonna post on the other thread and ask Frederic to look at this post..
     
  5. Frederic

    Frederic LnS Developer

    Joined:
    Jan 9, 2003
    Posts:
    4,354
    Location:
    France
    Hi tweed,

    The case here is different because we are talking about the Look 'n' Stop running on the host.
    Also it seems the VMWare configuration is NAT and not Bridged.

    mindobjects, is there any reason why you prefer the NAT configuration to the Bridged one (which is easier I think, and doesn't require anything on the host)?

    If there is nothing in the Log, you have to confirm first the problem is really coming from the Internet Filtering and not Application Filtering.
    To do so, just disable the Internet Filtering (instead of stopping Look 'n' Stop) and check if the access is working from the VM.

    Thanks,

    Frederic
     
  6. Frederic

    Frederic LnS Developer

    Joined:
    Jan 9, 2003
    Posts:
    4,354
    Location:
    France
    Hi,

    I've checked again my Look 'n' Stop configuration on the host, and actually I had added two rules (I didn't remember that :oops: ) to allow VMs to connect.

    When a VM machine sends a packet, it is also seen by Look 'n' Stop on the host, and the IP source is not the IP of the host but the IP of the VM.
    Therefore I've duplicated the two rules:
    - UDP: Authorize name resolution
    - TCP: Authorize most common internet services
    and in the IP source zone, instead of selecting "equal my@" I've selected "in range 192.168.0.x - 192.168.0.y" x & y depending on the IP address your VMs can obtain.

    Also if one of the VMs is under Vista, the local port needs to be updated.
    By default 1024-5000 is Ok. But for a VM under Vista, I've added two rules (duplicate of the two previous ones) changing the 1024-5000 to 49152-65535.

    This is with a Bridged mode.

    Frederic
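
The rule matching described in the post above, as an added example that is not part of the original thread and is not Look 'n' Stop's own code. It models only protocol, source IP and local port; the host address, the VM range 192.168.0.20-29 and the rule names are constructed, destination ports are not modeled, and a packet that matches no allow rule is treated as blocked.

```python
from dataclasses import dataclass
from ipaddress import IPv4Address

HOST_IP = IPv4Address("192.168.0.10")  # constructed host address ("equal my@")

@dataclass(frozen=True)
class Rule:
    name: str
    proto: str            # "UDP" or "TCP"
    src_lo: IPv4Address   # inclusive source IP range
    src_hi: IPv4Address
    port_lo: int          # inclusive local (source) port range
    port_hi: int

    def matches(self, proto, src, sport):
        return (proto == self.proto
                and self.src_lo <= IPv4Address(src) <= self.src_hi
                and self.port_lo <= sport <= self.port_hi)

def build_rules(vm_lo, vm_hi):
    """Original host rules plus the duplicates with the source set to the VM range."""
    lo, hi = IPv4Address(vm_lo), IPv4Address(vm_hi)
    rules = []
    for proto, label in (("UDP", "name resolution"), ("TCP", "common internet services")):
        rules.append(Rule(f"{proto} {label} (host)", proto, HOST_IP, HOST_IP, 1024, 5000))
        rules.append(Rule(f"{proto} {label} (VMs)", proto, lo, hi, 1024, 5000))
        rules.append(Rule(f"{proto} {label} (Vista VMs)", proto, lo, hi, 49152, 65535))
    return rules

def first_match(rules, proto, src, sport):
    """Return the name of the first allow rule that matches, or None if blocked."""
    for rule in rules:
        if rule.matches(proto, src, sport):
            return rule.name
    return None

if __name__ == "__main__":
    rules = build_rules("192.168.0.20", "192.168.0.29")
    host_only = [r for r in rules if r.name.endswith("(host)")]
    # Constructed outbound packets: (protocol, source IP, local port)
    packets = [("TCP", "192.168.0.10", 1500),   # host itself
               ("TCP", "192.168.0.21", 1500),   # bridged VM, 1024-5000 port range
               ("UDP", "192.168.0.22", 50000),  # Vista VM, 49152-65535 port range
               ("TCP", "192.168.0.99", 1500)]   # address outside the VM range
    for pkt in packets:
        print(pkt, "| host rules only:", first_match(host_only, *pkt),
              "| with VM rules:", first_match(rules, *pkt))
```

Keeping the source range as narrow as the addresses the VMs can actually obtain means other machines on the LAN segment do not inherit the allowance.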
     
  7. tweed

    tweed Registered Member

    Joined:
    Apr 2, 2007
    Posts:
    11
    Yes I am running bridged...!
    Works great.... [man, did I have trouble with ALL the other big 3 or 4 top FW's - I'm a total believer in LnS - gotta be a bit passionate after finding a sexy and light! FW that works and is understandable [important that!] and FULL featured.. Love the mac/ip filtering and all ]

    So... on the VMware thing:
    I am still thinking and understanding better after I think more, I hope...
    Thanks!
     