Setting up vSRX and Space in VMware Fusion

9 08 2016

I’m going to be travelling a bit in the near future and wanted an easy, laptop-based Juniper device and Junos Space instance to mess with. I’ve recently made some headway with CLI configlets and wanted to build on what I’ve got working.

I already run VMware Fusion on the Mac in order to run Ubuntu and Windows, so I figured that was the best thing to use. What I wanted was two VMs that could see each other and be accessed from the host machine, but without them being dependent on the host’s interfaces being up. Wifi access would be chargeable, and wired impossible – without making an ethernet loopback plug to bring the Mac’s interface up artifically, that is. So that ruled out both bridged and NAT type connections. What I needed was some kind of internal network within the host – Fusion seems to call this a ‘Private to my Mac’ connection.

My version of Fusion is 7.1.2 – it doesn’t seem to be the ‘Pro’ version, but I can’t confirm this. For some reason, the help isn’t vey helpful. You do some Googling and VMware Workstation information comes up, or help pages about what appear to be very old versions of Fusion. Anyway, a bit of experimentation and I figured it out.

If you go into the shell in OSX, and type ‘ifconfig’ you will see a variety of interfaces – two of which are ‘vmnet’ ones. In my case, these are vmnet1 and vmnet8. These interfaces have IP addresses assigned to them. In my case, vmnet1 has 192.168.32.1/24 and vmnet8 has 192.168.126.1/24.  See below – your addresses and interface numbers may vary:

ifconfig

vmnet1 is the host interface for an internal network, not accessible from outside the host. vmnet8 is the network that guest VMs are put on if they are going to use NAT to access the outside world using the host’s IP address. Obviously with a bridged VM, neither of these would be used.

So after installing the OVA file for the Juniper vSRX, click into the properties:

fusion
Click on the first network adapter – there will probably be three:

vm-settings

Make sure the ‘Connect network adapter’ checkbox is selected, and choose the ‘Private to my Mac’ option:

privatenet

Start up the vSRX, and configure an IP address on ge-0/0/0 that is in the subnet 192.168.32.0/24.

Once you’ve committed this, you should be able to ping the host machine at 192.168.32.1. Don’t forget that for the host to be able to ping the vSRX, you’ll need to put it in routing mode or create firewall policy that permits the pings…

vSRX

After doing this, I set up Space 15.2, put it on the ‘Private to my Mac’ network with an appropriate address, and browse to it from the host. Finally, I got Space to discover the vSRX as a managed device.

Advertisements

Actions

Information

4 responses

31 08 2016
Sandra McCann (@sc_mccann)

Great post! I just tried this on VMWare Workstation 12 on my Win10 PC. Only difference was using ipconfig in a command window to find the vmnet1 address, and setting network adapter 2 to host only instead of network adapter 1. I followed this tidbit for getting the zoning correct so I can ping both ways:
http://www.juniper.net/techpubs/en_US/vsrx15.1×49-d40/topics/example/security-vsrx-example-kvm-installing.html#jd0e640

Now onto Junos Space!

1 09 2016
DataPlumber

Cool – thanks for the additional info Sandra!

17 10 2017
David

Good post my friend. In later vSRX code versions network adapter 1 seems tied to fxp0 rather than ge-0/0/0. Would be interested to see if the memory and hard disk requirements could be lowered in future versions so you can spin up multiple images on Fusion.

15 11 2017

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s




%d bloggers like this: