Bridge mode is really useful for cases where we want to connect a VM to the physical network, either wired or wireless. A very important detail of this configuration option is to review the security policies of the switch or the wireless network, because we may have problems if you have Port Security or MAC filtering.
If we click on the option “Advanced«, the VMware software allows us to configure the input and output bandwidth limiter, although the most interesting thing is to be able to change the MAC address of the virtual network card assigned to a specific virtual machine. We can generate a new one randomly, or use the MAC address that we want.
In the event that you want to configure in detail the “Bridge”, the “Host-only” or the “NAT” that we have seen previously, you must go to the “Edit / Virtual Network Editor” menu. In this advanced configuration menu is where you can configure everything at the network level of your virtual machines.
If you are going to use the “Bridged” mode, by default the “Automatic” mode is used, this means that VMware will automatically select which network card has an Internet connection, and the network traffic will go in and out through that physical interface . Our recommendation is that you always set the network card through which the network traffic will travel.
We also have the possibility to configure the “NAT” mode that we have seen before. We have the possibility to configure the private IPv4 address range that the virtual machines will use and enable or disable the DHCP server in this NAT mode:
If we go into the “NAT Settings” option we can configure the default gateway of the different virtual machines, add port forwarding policies to access from the outside of the NAT to the inside, and we can even enable IPv6 between Other options. In the DHCP Settings section we can configure the IP address range that will be dynamically provided to the different configured VMs.
As you have seen, VMware is going to allow us great configurability at the network level, ideal to adapt to the main needs.
Network configuration in VirtualBox
Network settings in VirtualBox have almost the same configuration options as in VMware. The default network configuration is to NAT against the actual local private IP address of the computer, but we also have different configuration options, such as the following:
- NAT: It is the default option, the way it works is exactly the same as what we have seen before in VMware. Automatically each virtual machine will have a private IP address on the same network, and compared to the real local private IP address of the computer, it will be able to access any computer on the physical network and also the Internet.
- bridge adapter: It is the same «bridged» mode that we saw before.
- Internal network: allows you to create an isolated network where the computers inside will have communication between them but with no one else, if we create several internal networks, we can have communication between the VMs that are within the same network.
- Host-only adapter: It is like the internal network but where the real equipment is, something that does not happen with the “internal network” option.
- NAT network: It is an extension of the normal NAT, but here we can configure the addressing and other advanced parameters.
If we go to «File > Preferences» we will be able to see the different NAT networks created, if we click on «+» on the right we will be able to add new NAT networks to later use them in the different virtual machines.
As you can see, we have the possibility to configure the network name, the subnet in CIDR notation and if we want to configure the DHCP server, the IPv6 protocol and also port forwarding.
Once we know the different ways of connecting virtual machines, we are going to see what problems we can find.
Problems and solutions if you don’t have Internet
The way to connect to the Internet with a virtual machine is usually through NAT or through bridged (bridge mode adapter), therefore, we are going to divide this section into two well-differentiated parts, the NAT part and the bridge part.
If you use NAT mode on the virtual machine
If you use the NAT mode in the virtual machine, you must take into account that both VMware and VirtualBox will use the internal routing table of the computer to get the Internet to the VMs that we have. In this operating mode, if the real computer connected to the physical network has an Internet connection, the virtualized operating system will always have an Internet connection. No matter what security policies are in place at the network level, all network traffic from the VMs will go out to the Internet as if it were being generated by the real PC, so we can rule out all these connectivity issues.
The only problem we could have is that the private IP address of the physical network matches that of the virtualized network. In this case, the operating system may not know very well what to do with the network traffic based on its routing tables, so if the private IP address matches the virtual network that NAT does, our recommendation is that you change the subnet of the NAT of VMware or VirtualBox, with the aim of not having problems.
To change the NAT subnet, you must go to «Edit / Virtual Network Editor“, you select the VMnet8 that is configured as NAT, and at the bottom is where we can configure the “Subnet IP” part and we can also configure the subnet mask. What we can do here is modify this VMware default subnet in case it matches the main network.
In the case of VirtualBox, the process would be similar, the NAT mode is configured by default, so you should select the “NAT Network” mode and configure a free private subnet, and that does not coincide with the physical subnet. In this way, we will not have any problem.
As you can see, this is the only problem that we can find in NAT mode, that the main physical network is the same as the virtualized network.
If you use bridged or bridge mode
In the event that you use the bridge mode, you must take into account several aspects if you have problems connecting to the physical network and the Internet. If everything works correctly in NAT mode but not in bridged or bridged mode, then check the following:
- If you use VMware, in the “Virtual Network Editor” configure the VMnet0 network profile that is bridged as follows:
If you leave it on automatic and you have multiple network interfaces, you may have problems bridging. We have encountered serious problems having it in automatic mode, because if we change the physical network interface it forces us to restart to solve this problem (and hope that it fixes itself). The most advisable thing is to choose the physical network card specifically, nothing to leave it in automatic mode, it is mandatory to leave it statically with a network card that we want.
In this configuration mode, you may have problems connecting to the Internet due to the security of the physical network, we must also review this because it is as if we had a new computer:
- switch:
- Check on the switch if you have the Port Security feature enabled and configured. If our switch port has a maximum of 1 device simultaneously, and we connect the VM in bridged, we will have two, so the second device will not have communication. You will also have problems with the main PC if the Port Security policy is shutdown, as it will automatically shut down the port.
- Check the settings of IP-MAC-Port binding. By having additional equipment on the same port, with a different IP and MAC, the switch’s protections could block access to the network.
- Router:
- Check that we have DHCP server enabledor else, you will have to put a fixed IP in the operating system of the virtual machine.
- Check that we don’t have the firewall preventing communication.
- check that we do not have restrictive rules to add new computers on the network, because the bridged computer acts as a new computer.
Once you’ve checked all of this, you should have no problem communicating with the Internet from the virtual machine. We also recommend you do the typical ping tests to see how far we are reaching, and where the communications do not reach.
