Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » How to install Appliance in VMWare Workstion 8.0? (The Appliance doesn't reach the physical ip address of my internet network card)
  •  
sacisoft

Messages: 5
Karma: 0
Send a private message to this user
Hi, i have installed VMWare Workstation 8.0, and open the appliance i download from kerio website:

kerio-control-appliance-8.1.1-1019-p1-vmware.vmdk
kerio-control-appliance-8.1.1-1019-p1-vmware.vmx

I configured one virtual network card as Bridge, and i assigned a static ip: 192.168.0.1.

The other virtual network card i leave as is: Host only, but my ISP gave me a static ip to reach the internet:

IP: 190.124.35.209
MK: 255.255.255.248
GW: 190.124.35.214

DN1: 200.35.191.195
DN2: 200.35.174.126

How do i configure the above parameters in the virtual environment, because at this moment the firewall doesn't reach the internet.

Could you tell me what i am doing wrong, please???

I attach the file with print screen of my configuration and steps i did.

Thanks in advandced.


sacisoft
  •  
silars

Messages: 429
Karma: 59
Send a private message to this user
My main experience is with ESX/ESXi. I'd recommend that over Workstation. ESX 3.5 is free.

These are the general steps under ESX.

To pull this off correctly, you'll need to use VLANs or two separate NICs otherwise you won't have traffic separation and no real firewalling. Both vNICs should be in Bridged mode (not NAT or Host). Ideally, you'll be using vSwitches as well. Assign the vNICs to the proper vSwitches.

You'll have to translate some of these ideas to Workstation. It looks like some combination of LAN segments, virtual networks and bridged connections. I'm not certain what your end goal may be.
  •  
sacisoft

Messages: 5
Karma: 0
Send a private message to this user
Can you tell me where can i download the free ESX 3.5??? and how to install it in Workstion 8.0.

Thanks in advanced,

Jason.

sacisoft
  •  
silars

Messages: 429
Karma: 59
Send a private message to this user
ESX is a barebones hypervisor. It replaces the host OS. Workstation is a host-based hypervisor (Windows).

This should be the link to the free stuff: http://www.vmware.com/products/vsphere-hypervisor

  •  
sacisoft

Messages: 5
Karma: 0
Send a private message to this user
Ok, but this doesn't solve my problem. Because i am using a Windows 2008 server as my host pc. So i have to be able to make it works with VMWare Workstion or another software that permit me virtualize and shared physical resources in both scenarios. Do you or other in this forums can recommend me anyone?

Thanks,

Jason.


sacisoft
  •  
silars

Messages: 429
Karma: 59
Send a private message to this user
Do you have 1 or 2 physical NICs?

I'll try to see what I can get to work with Player.

I did try this once with Workstation, but that was long ago and the expiration ran out (trial). However, I did have 2 physical NICs for that testing.
  •  
sacisoft

Messages: 5
Karma: 0
Send a private message to this user
Yes, i have 2 physical network cards.

1 that connect to the switch of my lan
1 that connect directly to the ISP EtherLink Port

Jason.

sacisoft
  •  
silars

Messages: 429
Karma: 59
Send a private message to this user
Player doesn't appear to allow a similar configuration. The Bridging function appears to bridge all adapters together, so you can't assign independent physical adapters to a vNIC. There might be some possibility with the VMnet adapters that I can't find.

I do believe you may experience some security concerns while trying to implement a firewall on top of a host OS. You'll need to be careful you don't expose it to the Internet without proper firewalling. Otherwise, everything could be compromised, including Control.

This will require some careful planning. I would suggest you contact your reseller or Kerio Technical Support. Especially if you have never implemented something like this before.

My recommendation would be to VM that Windows 2008 server and redo the implementation with a true hypervisor (ESX or Hyper-V). Then, run the Control VM and Windows 2008 VM side-by-side. I believe you'll find this easier to support, configure, and maintain.

[Updated on: Fri, 06 September 2013 07:04]

  •  
sacisoft

Messages: 5
Karma: 0
Send a private message to this user
It supposed i am the reseller, and i can't do that becuase is a W2K8 DC Server, wich has active directory, iis, and fileserver installed on it.

Any other clue?

Jason.

sacisoft
  •  
KCAP

Messages: 91
Karma: 2
Send a private message to this user
Hi,

I think you need at least 3 NIC's to work with,
one for your Host OS (for the win 2008) to LAN (fixed IP)
one for the firewall to LAN (also your gateway)
one with the fixed IP to WAN

Then activate the Hyper-V role in the server,
assign the two NIC's to hyper-V (firewall/wan)
download the hyper-V installation,
and install the Firewall as hyper V


A second option good be (if you only have 2 NIC), download the older firewall 7, this can be installed as a 'program' at your windows 2008 server, then the the LAN nic are one.

Teun

Teun
KCAP [NL]
  •  
silars

Messages: 429
Karma: 59
Send a private message to this user
It is possible to do this with just 1 NIC (with VLANs). The number of NICs doesn't really matter since it is the host OS. It is in control of all the NICs. That is the security concern. Your DC/AD/IIS/File Server will have a native interface facing the Internet.

The second option is one I was going to recommend as a fallback, if all else fails. Control does a decent job of locking down the packet processing. That's a lot of stuff to be running on one OS, though. Potential for conflicts increases with application loads. You also lose newer features and is a dead-end in terms of technology and fixes.

And, it is possible to convert a physical machine to a VM using VM convertor software (VMware: http://www.vmware.com/products/converter/). You don't have to rebuild the server. For backup purposes, you may want to preserve the original disks, since this appears to be your first time doing this type of operations, i.e. use new disks to build the new system after you've converted the physical machine to a VM. You should be able to test the VM on Workstation.
Previous Topic: Urgent: Windows 8 - other VPN connections are not working
Next Topic: quota bandwith
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Thu Aug 24 05:19:15 CEST 2017

Total time taken to generate the page: 0.00523 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.