HI ,
I have multiple virtual machines ( Windows XP) used for remote connectivity with variety of VPN clients with predefined custom configurations
Some VPN clients implement a firewall SW denying virtual machine's connection to any network resource inside my network .
I need to transfer files from/to VM's to my servers in my LAN.
On Microsoft Virtual PC or Vmware Workstation I have a nice , but insecure option SHARED FOLDERS.
I wonder what could be a possible solution for the following scenario . VM's are used by users unfamiliar with systems administration so mounting an ISO of floppy could not be considered as an option .
I have a Netapp filer available on-site with volumes accessed via NFS/CIFS .
Best Regards .
You could create a dual homed CIFS share file server VM that your virtuals could access and systems on you LAN could access. There are a couple of ways you could set this up using virtual routing/firewall devices (Vyatta IPCOP etc) and internal vswitchs.
Nice option unfortunately Large Telcos we are working with customise their VPN client ( mostly CISCO and Checkpoint ) to cut any Network connection from client OS to anywhere except to remote VPN site.
The only option to transfer files is through physical device emulation . Currently we are working on MS Virtual PC ( SUCKS !!!!!!!!!!!!) that has sharing folder option .
I wonder if you could hack ESX the way it will support Sharing folders the way VMware fusion and VMWare Workstation does .
Thanks .
Hello,
No, it is not possible to hack ESX to allow this. Nor would you really want to do this. The Security implications are staggering.
Best regards,
Edward L. Haletky
VMware Communities User Moderator, VMware vExpert 2009
====
Author of the book 'VMWare ESX Server in the Enterprise: Planning and Securing Virtualization Servers', Copyright 2008 Pearson Education.
Blue Gears and SearchVMware Pro Blogs -- Top Virtualization Security Links -- Virtualization Security Round Table Podcast
The Security is not an issue at all in this case .
The idea is getting rid of a bulk of PC's doing nothing but running Microsoft VPC and consolidating them into one ESXi server while saving HW and Licensing costs .
Thanks .
Hello,
Because it is a security issue it IS not possible.
It is better to setup a VM and use that as a way to share files within the same vSwitch, but the problem is unrelated to this. I had the same problem with my VPN service, there was no solution other than to use things like tunneling to the file server using SSH. I used to do NFS over SSH tunnel. It works.
Best regards,
Edward L. Haletky
VMware Communities User Moderator, VMware vExpert 2009
====
Author of the book 'VMWare ESX Server in the Enterprise: Planning and Securing Virtualization Servers', Copyright 2008 Pearson Education.
Blue Gears and SearchVMware Pro Blogs -- Top Virtualization Security Links -- Virtualization Security Round Table Podcast