I get a popup that says 'Value "guest-only" for variable "ethernet0.connectionType" is not a valid value'. Is that a feature of ESX?

Depends on how many physical NICs you have in your ESX hosts - if you have more than one what you will need to do is create seperate virtual switches - vswitch0 which has the management port connected to it you will need to connect to a physical switch that does not have access to the internet - create a second virtual switch that will have the vm port group the your vms connect to and this one you will need to connect to a physical switch connected tot he internet

If you find this or any other answer useful please consider awarding points by marking the answer correct or helpful

Hello,

This is with respect to Workstation, Fusion, Player, etc.

This is most likely doable using a Team and LANs created within that Team. For example, I have the following in my Workstation Team labeled Private

Bridge <-> FW <-> LAN1 <-> internal VMs

Instead of 'bridge' you could use your USB stick within the FW. Smoothwall and IPcop are pretty common firewalls you can use to do this.


Best regards,
Edward L. Haletky VMware Communities User Moderator, VMware vExpert 2009

Virtualization Practice Analyst[/url]
Now Available: 'VMware vSphere(TM) and Virtual Infrastructure Security'[/url]
Also available 'VMWare ESX Server in the Enterprise'[/url]
[url=http://www.astroarch.com/wiki/index.php/Blog_Roll]SearchVMware Pro[/url]|Blue Gears[/url]|Top Virtualization Security Links[/url]|
[url=http://www.astroarch.com/wiki/index.php/Virtualization_Security_Round_Table_Podcast]Virtualization Security Round Table Podcast[/url]

in Workstation "guest-only" means every not configured VMnet.

In a default installation this are for example vmnet9 , vmnet7 , vmnet 6 ....

It is not necessary to create a team - teams only make configuration of virtual network obscure without any real benefit other than the throttling feature

___________________________________

VMX-parameters- VMware-liveCD - VM-Sickbay

Hello,

Teams also add the ability to have multiple LAN segments which for what I do for teams if very nice to have.

Best regards,
Edward L. Haletky VMware Communities User Moderator, VMware vExpert 2009

Virtualization Practice Analyst[/url]
Now Available: 'VMware vSphere(TM) and Virtual Infrastructure Security'[/url]
Also available 'VMWare ESX Server in the Enterprise'[/url]
[url=http://www.astroarch.com/wiki/index.php/Blog_Roll]SearchVMware Pro[/url]|Blue Gears[/url]|Top Virtualization Security Links[/url]|
[url=http://www.astroarch.com/wiki/index.php/Virtualization_Security_Round_Table_Podcast]Virtualization Security Round Table Podcast[/url]

What do I type in the vmx's, to do it the simple way? What about this:

ethernet0.present = "TRUE"

ethernet0.connectionType = "custom"

ethernet0.vnet = "VMnet6"

ethernet0.virtualDev = "e1000" # linux VM's only

ethernet0.addressType = "generated"

Works nicely in the end. But not with Microsoft internet connection sharing, this seems broken. Instead I ended up attaching the USB router to a special VM based on OpenBSD (vyatta.com) playing the role of the gateway. Vyatta makes that relatively easy to configure.

...But not with Microsoft internet connection sharing ...

you are speaking about security and isolation and then you even mention that ... ???




___________________________________

VMX-parameters- VMware-liveCD - VM-Sickbay

Still haven't weaned completely from Microsoft. The Bat email client with Sandboxie are too good to say goodbye to, especially given that they live in a VM. Also I have too much mastery of Windows to dump all this knowledge and go back to adventures with linux, which last time I did linux was a pain in the neck.

Having said that, my browser appliance is linux-based. And I'm planning to study and experiment with chroot and OpenVZ as a substitute for Sandboxie.

And don't forget, VM's are disposable, it's not the end of the world if a browser appliance gets messed up. As long as bookmarks are kept somewhere safe (I'm keeping a copy online too).