I also checked that the Bridged Connections were correctly configured in VMWare as suggested here: See here how to customize the MAC Address of a Synology image. I did check that the Mac Address of each Synology (displayed by the Synology Assistant) was correctly defined in VMWare: And the problem comes back not only each time the VM is restarted, but also sometimes while running since a while. I tried to clean the arp table (Run as Command Prompt as Administrator on Windows and type: arp -d *). I seems to be an issue with the Bridged Connection of VMWare under Windows 10. I don't know yet why this is not immediate ?!. If I wait for several minutes (sometimes more than 10') and try again and again to reach my various Virtual Synology on its admin port, I finally get them. And trying to reach it via a browser, on its admin port, results in connection timeout. If the "MAC Address Changes" policy is set to accept (or true, via PowerCLI), this is a finding.įor each virtual switch and port group, click Edit settings (dots) and change "MAC Address Changes" to reject.I wanted to reconfigure all my Virtual Synology to use NAT instead of a Bridged Network Connection.īut once this is done, the Virtual Synology does not appear anymore as configured in the Synology Assistant (which opens the Network Wizard). Get-VirtualPortGroup | Get-SecurityPolicy View the properties on each virtual switch and port group and verify "MAC Address Changes" is set to reject.įrom a PowerCLI command prompt while connected to the ESXi host, run the following commands: VMware vSphere 6.7 ESXi Security Technical Implementation Guideĭetails Check Text ( C-42547r674869_chk )įrom the vSphere Client, go to Configure > Networking > Virtual Switches. Switch-level settings can be overridden at the Portgroup level.
Reject MAC Changes can be set at the vSwitch and/or the Portgroup level.
It will affect applications that require this functionality, how a layer 2 bridge will operate, and applications that require a specific MAC address for licensing. This will prevent VMs from changing their effective MAC address. This allows it to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network. If the virtual machine operating system changes the MAC address, it can send frames with an impersonated source MAC address at any time.
0 kommentar(er)
