VMware Communities
TestLink
Contributor

NAT vs Bridged connection for security and privacy and how to Disable logging for a VM on VMware Workstation Pro 14.x

Hi,

I have VMware Workstation Pro installed on a Windows 7 x64 host. The guest VM is also Windows 7 x64. My network setting is set to NAT, which shares the host IP address. I have a VPN installed on the guest VM. The VPN is set to Auto Start when the VM is started.

I was told by someone that it is better to 1. use Bridged mode (Connected directly to the physical network) and 2. select Replicate physical network connection state. I don't want to use the VPN for the host machine traffic.

1. May I know which one to choose for privacy and security: NAT (sharing the host IP) or Bridged (connected directly to the physical network)?

2. Also, may I know how to disable all logging by VMware Workstation Pro 14.x?

I appreciate any help in this regard.

Persuasion89
Contributor

So this is an old thread, but I just want to bump it and maybe I can get an answer. From my knowledge:

1) If I use NAT and a VPN on the host machine, everything should be encrypted in the same manner as it would be if I were browsing from the host, which means there is no need to connect to a VPN from the guest OS. However, in case of some sort of leak or breach, it will be obvious that the actions taken on the guest OS were directly taken on the Host OS.

2) If I connect with bridged, my Guest OS will show as its own entity. Any protections I want will have to be taken on the Guest OS itself, because it will be totally independent from the Host. This means I could have a VPN running on the guest without running it on the host, or vice versa. Or each machine could run its own VPN, but in any situation, it wouldn't definitively show that the Guest OS is directly linked to the Host other than the fact that they are sharing a network. This would mean that in the case of a breach/leak it would appear to be two different computers, at least from the standpoint of a network analysis, correct?

I understand that it would still be obvious there is a link once the Host machine is inspected, but just looking at the network, am I understanding how this works?
