VMware Workstation - VM in different VLAN

[evoman91]

Hi All, 

 

I would like to be able to connect a VM to a tagged VLAN without the host machine being connected to that VLAN. 

 

My machine only has one NIC and all the networks I connect to are tagged VLANs associated with that NIC. 

 

If I add the tagged VLAN to the NIC I can connect the VM to that network correct however my machine is then in that network as well. 

 

Does anyone know if this is possible? I really hope that makes sense! 

 

Thanks in advance. 

[+BudMan MVC]

Well the connection to your machines nic would have to be trunked for starters. The switch port your currently connected to is most likely access and only allows the vlan your physical nic is in.

[evoman91]

Hi BudMan, 

 

The port that my NIC is in, is tagged in both of the VLANS. I can bring up the VLAN on my machine and connect my VM to it no problem, however I don't want my machine to be in that lan for various reasons. 

[+BudMan MVC]

So port is trunked already and allows both, ok.

So in workstation can you tag say a vswitch like you can in esxi?

What virtual nic do you have setup, vmxnet3 should allow for vlan ID right on the nic

From a quick google with workstation it seems you need to make map it in network correctly, and you might have to uncheck deterministic or other options on the vm nic to see it in the mapping, check out this article

http://brandonjcarroll.com/blog/using-vlans-with-vmware-workstation

[evoman91]

Hi Budman, 

 

You can't change the VLAN tagged on the vswitch like ESXi, I was hoping the same thing. 

 

I've had a look at the article but that would still put my machine in that LAN. For I've removed everything from the networking selection (unticked Internet Protocol Version 6 etc.) which looks like I can't connect to that network, and nothing from that network can connect to my machine, but the VM is working fine. I think this will work ok for now. 

 

Thank you Budman. 

[+BudMan MVC]

Your physical nic is going to require the ability to add multiple vlan tags - as per the article, then can create different virtual networks and match them up with the specific vlans you want to run your vms on.

You might be able to get away with juts putting the tag on the virtual nic on your vm and bridging it to your physical nic that is in a different vlan.

That article shows how to run different vms under different vlans, ie more than 1 can be done. Your just needing 1 I take it - but still applies. What is the actual physical nic you have in your machine.. Does it it support the advanced features like multiple vlan tags on it?

[evoman91]

My NIC is an Intel 82579LM and yes it does support VLAN tagging. That's how I'm currently doing it. When you add a new Tagged VLAN it created a new adaptor which needs to be enabled for you to use it via VMware workstation. 

 

I didn't have a problem getting the VM into the VLAN, the problem is I don't want my physical machine in that VLAN at all but it seems to be working correctly now. 

[+BudMan MVC]

Yeah you need to create more than one vlan - the one your vm is in, and then whatever you PC is in physically.

[evoman91]

Yeah already done that ;P 

[evoman91]

Thank you for your help. 

[tonyjr]

I think that is all you can do evoman91 - just untick the un-needed protocols and services in the properties of the virtual adapter like you said. It seems a bit of a messy way to do it though, don't you think? 

[ibanez1998]

After creating your vlan interfaces, then creating your VMware workstation bridge to the new adapters, go into the local adapter and disable ipv4 and ipv6.  Your computer will not have access via ipv4 n'or 6 to communicate on that network, but your vmware workstation will still be able to bridge over that nic to the vlan and IT has IPv4 or 6 and will function just fine.  So again... vmware workstation nic, IPv4 is left on and alone, Local PC nic that it's bridging through has NO IPv4 or 6 enabled.  Therefore, no local computer access.

[binaryzero]

What a mess - get yourself a second NIC. 

[+BudMan MVC]

They prob have a different computer by now since this thread is from 2013