Hide VMWare Virtual Network Interfaces from Windows Firewall and Network and Sharing Center

VMWare Workstation creates two virtual network adapters by default. One is the host-only network and the other is for NAT routing. You can add several more to suit your needs for more complex scenarios.

The problem is that these networks cause Windows 7 to think it is attached to a public “unidentified network” which has the side-effect of disabling network and printer sharing. You will experience the same problem with Windows 7 Virtual PC if you create virtual loopback device adapters and the same problem occurs with VirtualBox.

The solution is to mark the virtual network adapters as *NdisDeviceType=1 in the registry:

*NdisDeviceType

The type of the device. The default value is zero, which indicates a standard networking device that connects to a network. Set *NdisDeviceType to NDIS_DEVICE_TYPE_ENDPOINT (1) if this device is an endpoint device and is not a true network interface that connects to a network. For example, you must specify NDIS_DEVICE_TYPE_ENDPOINT for devices such as smart phones that use a networking infrastructure to communicate to the local computer system but do not provide connectivity to an external network.

Note  Windows Vista automatically identifies and monitors the networks a computer connects to. If the NDIS_DEVICE_TYPE_ENDPOINT flag is set, the device is an endpoint device and is not a connection to a true external network. Consequently, Windows ignores the endpoint device when it identifies networks. The Network Awareness APIs indicate that the device does not connect the computer to a network. For end users in this situation, the Network and Sharing Center and the network icon in the notification area do not show the NDIS endpoint device as connected. However, the connection is shown in the Network Connections Folder.

As far as I’m concerned this is just a bug in both VirtualBox and VMware Workstation. They should be marking their virtual network devices as *NdisDeviceType=1 for compatibility with NT 6.x –based operating systems.

Until they do that, I cobbled together a little powershell script to find any NICs created by VMWare and mark them as virtual. The setting takes affect after a reboot.

# tell windows that VMWare Network Adapters
# is not a true network interface that connects to a network
# see http://msdn.microsoft.com/en-us/library/ff557037(VS.85).aspx
pushd
echo "Marking VMWare Virtual Ethernet Adapters as virtual.`r`n"
cd 'HKLM:\system\CurrentControlSet\control\class\{4D36E972-E325-11CE-BFC1-08002BE10318}'
ls ???? | where { ($_ | get-itemproperty).DriverDesc `
-like 'VMware Virtual Ethernet Adapter *' } | `
% { $_ | new-itemproperty -name '*NdisDeviceType' -PropertyType dword -value 1 } | `
% { "`"" + ($_ | get-itemproperty).DriverDesc + "`" -> *NdisDeviceType=1" } 
echo "`r`nReboot to apply changes."
popd

Advertisements
%d bloggers like this: