Re: USB eToken - ESXi 6.5 - not working

rdinca · ‎03-27-2017

Hi guys,

On a DELL PowerEdge R710 I have a free ESXi 6.5 installed and a Windows 2012 hosted. I want to add a Digital Signature eToken and when I add the USB in Virtual Machines settings I receive this message:

Failed to reconfigure virtual machine Win2012. Cannot connect 'vid:0529 pid:0620 path:0/1/0' to this virtual machine. The device was not found. - dismiss

Can you help me understand what am I doing wrong? I saw there is a short list of "approved" USB vendors/models but this seems ridiculously small. (https://vmware.agentaccess.it.com/solution/SOL-1516 )

I went through https://vmware.agentaccess.it.com/solution/SOL-1538 but no luck.

There must be another way to add pass these Smart Card Security eTokens to USB Host for the virtualized machines.

Thanks,

Adrian

lancechou · ‎05-03-2017

Smart card reader passthru is disabled by default in ESXi to support smart card login to DCUI.

If all you need is to use the token in a guest VM, you can do the following

1. Power of the VM

2. Append the following line to your VM configuration (.vmx)

usb.generic.allowCCID = "TRUE"

Please note that you can not edit .vmx while the VM is on. Otherwise, all the changes you make will be reverted.

Hope it helps

EdOfTheMountai2 · ‎08-22-2018

@ancechou thank you!

This wasted much time, after upgrading from free ESXi 6.0 to vSphere Essentials Kit ESXi 6.7

Now I can build and code sign my software releases using my Aladdin Knowledge Token JC. Thank you! Thank you!

[ ESXi 6.7 ] - Connect Token to ESXi VM Using ESXI web client

By default, ESXi >= 6.5 will not permit pass through connection of CCID USB devices such as the Aladdin Knowledge Token JC to the guest VM.

CCID (chip card interface device):

A USB protocol that allows a smartcard to be connected to a computer via a card reader using a standard USB interface

*** Error displayed by ESXi on connect attempt:

Failed to reconfigure virtual machine Win10x64. Cannot connect 'vid:0529 pid:0620 path:0/1/7/1' to this virtual machine. The device was not found.

Enable USB CCID Device Connection in VM

Shut-down the VM
VM > Edit settings > VM Options
Advanced > Configuration Parameters > Edit Configuration
+ Add Parameter and add following Key and Value

 usb.generic.allowCCID     TRUE

Connect Aladdin Knowledge Token JC to VM

Power-up VM
VM > Edit settings > Virtual Hardware
Add other device > USB device
Select Aladdin Knowledge Token JC > Save

DaviddeLeeuw1 · ‎09-22-2018

Hi Ed of the Mountain

We followed your instructions for our security USB token exactly, but the token still does not show up in the client.

System:

IBM x3630 M4

Vmware Esxi 6.5.0 Build 9298722

Client :

Windows 2012 64 bit, VM Version 13

Token: Marx DatenTechnik CrypToken

This used to work on our ESXi servers from ESXi 4.0

We have the line

usb.generic.allowCCID TRUE

esxcli hardware usb passthrough device list shows:

Bus Dev VendorId ProductId Enabled Can Connect to VM	Name
--- --- -------- --------- ------- ------------------------- -------------	--------------------
2	7	4b3	4010	false no (passthrough disabled) IBM Corp.
2	4	e39	f100	false no (passthrough disabled) Smart Modular	Technologies, Inc.
2	5	d7a	1	true yes	MARX Datentec	hnik GmbH CrypToken
2	6	d7a	1	true yes	MARX Datentec	hnik GmbH CrypToken

So on the ESXi side everything seems fine. On the client the token does not show up at all.

We are out of ideas how to fix this.

Hoping for your help...

David de Leeuw

Ben Gurion University of the Negev

Lib961 · ‎08-13-2021

Thank You for you help, it works for me, just notice you don't need to put quotes on the TRUE, i did the mistake first time haha

Flowtech_VS · ‎03-04-2022

DaviddeLeeuw1

I'm exactly with the same problem as you.

Did you find a work around?

Tks

All

USB eToken - ESXi 6.5 - not working

[ ESXi 6.7 ] - Connect Token to ESXi VM Using ESXI web client

Enable USB CCID Device Connection in VM

Connect Aladdin Knowledge Token JC to VM