Wolfdp 0 Posted August 17, 2023 Share Posted August 17, 2023 Good afternoon. I have the following problem: - I have a laptop running Windows 10 Pro. It has Hyper-V enabled and a Windows virtual machine configured - The laptop uses two network interfaces: cable and wireless. Moreover, I can connect to different networks, respectively, IP and other network settings of the host can change - The virtual machine receives the network via vEthernet (DefaultSwitcvh), which is automatically created when the Hyper-V feature is enabled. I didn't change the default settings. - on the virtual machine, the ip-address is random (172.*.*.*). I may also need to make a copy or deploy an additional virtual machine. - the antivirus firewall (ESET Internet Security) automatically blocks the following incoming UDP connections on ports 137, 138 and 53. If I allow these connections in the "Network troubleshooting wizard", the Internet will appear on the virtual machine. Can I somehow write rules to automate this? Ideally, I would like the rule to apply exclusively to virtual machines. p.s. I do not speak English, this text was typed with the help of a translator. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,298 Posted August 17, 2023 Administrators Share Posted August 17, 2023 You can use learning mode to have the necessary rules created automatically. Link to comment Share on other sites More sharing options...
Wolfdp 0 Posted August 17, 2023 Author Share Posted August 17, 2023 1 hour ago, Marcos said: You can use learning mode to have the necessary rules created automatically. Thanks for the reply, but I would like to have more control over which members of the virtual network (not) get access. I solved the problem in the following way (I'm not sure about these settings, so any comments and criticism will be welcome.😞 First, I unlocked access for one of the virtual machines in a troubleshooting way. Next, I found this rule in the firewall settings, and made the following changes: - renamed (optional, to make it clear the purpose of this rule) - changed the range of addresses (maybe it is worth specifying a larger range, namely 172.0.0.0/255.0.0.0) - selected virtual network profile In theory, this will limit incoming connections as much as possible, but I have certain doubts about choosing a profile (I'm not sure that after any updates / manipulations, it will not be considered as new). Also note that the Wizard also binds the rule to the ICS program. You can understand which profile you need to select from the list of network connections. I note that the VPN connection is also considered virtual, so you can additionally navigate by IP addresses. Link to comment Share on other sites More sharing options...
Wolfdp 0 Posted August 24, 2023 Author Share Posted August 24, 2023 clarification on the range of addresses: apparently you need to use 172.16.0.0/12 Link to comment Share on other sites More sharing options...
Recommended Posts