ErikDe
Contributor
Contributor

VMWare Workstation: limit network access from guest to one physical adapter on host

https://superuser.com/posts/1554886/timeline 

I have a Windows 7 guest system VM that has access to the Windows 10 host network using VMNet8, i.e. natted connection.

The host has two physical NICs: one is connected to a private LAN, the other NIC to a LAN with internet access. What I would like to do is to limit the NATted network access to the firt physical NIC, preventing the guest to access the second NIC, which has internet access, which is not wanted on the guest.

By default, the natted network allows access to both NICs subnets. Is it possible to limit that access to only one NIC, or a specific subnet? How can this be achieved in VMWare workstation?

0 Kudos
1 Reply
dariusd
Leadership
Leadership

Packets passing through the VMware NAT will always act as if they were generated by the host on which Workstation is running, which means that anything accessible to the host is usually also accessible to the guest.

If you want to restrict the NAT to access only a specific physical NIC, you might be able to do so using the Windows Firewall with Advanced Security.  In Outbound Rules, pick New... and choose Program, and try restricting the VMware NAT daemon (vmnat.exe) to access only the range of IP addresses on that secondary interface.

(I have no idea whether this will actually meet your needs, but that would be what I would try!  I don't often use Windows...)

--

Darius

0 Kudos