Windows 10 Host-Only Adapter can't be set to "Private" Netwo

[Craig A.]

First, I can turn the Windows 10 Firewall off and the Network share I'm trying to access from the VM through the Host-Only network adapter to the Guest OS (Windows 10) works fine. I'm running VirtualBox 5.0.16 r105871 under Windows 10. The VM is Windows XP 32-bit.

The issue is I need to leave the Firewall ON while connected to a "Public" network through my wireless adapter.

I need to be able to set my VirtualBox Host-Only Ethernet adapter to "Network Category" "Private Adapter" so it will be treated like a Private Network and let through the GuestOS firewall, as seen in Windows 10 "Control Panel\Network and Internet\Network Connections". I can see the Host-Only Ethernet adapter in "Control Panel\All Control Panel Items\Network Connections", but can't change it's Network Category property.

In Windows 10 Settings -> Network & Internet, there is no Ethernet category for the Host-Only Adapter (where I might normally change this property).

Anyone know how to change the Host-Only adapter "Network Category" property to "Private Adapter" in Windows 10 when only connected to a Wireless Network?

[BillG]

That is really a Windows question, not a VB one.

There are a number of ways to do that in Windows. You can modify your local security policy to make all unidentified networks private (they are public by default). Or you can modify a particular interface from Settings|Network and Internet. Find the interface and set Make this PC discoverable on.

Edit:  I just checked. Host Only does not appear in the list in Settings|Network. That would leave you with powershell or registry edit options. I would go with changing the security policy myself. I have done that in the past and it works. You will find lots of discussion on this online if you look.

[Craig A.]

First, thank you for responding.

That is really a Windows question, not a VB one.

I might agree if the adapter showed in the Windows 10 Settings and Network area. As I said in my message it doesn't.

There are a number of ways to do that in Windows. You can modify your local security policy to make all unidentified networks private (they are public by default). Or you can modify a particular interface from Settings|Network and Internet. Find the interface and set Make this PC discoverable on.

Edit:  I just checked. Host Only does not appear in the list in Settings|Network. That would leave you with powershell or registry edit options. I would go with changing the security policy myself. I have done that in the past and it works. You will find lots of discussion on this online if you look.

I couldn't find where to set the default security policy. So I guess I'll be looking more online (which I did before posting), for some of the terms you use in your reply. So again, Thanks.

[BillG]

The fact that host only does not appear in Settings|Network is still a Windows thing, not VB. Windows knows the adapter is there and shows it in network and sharing center. It is up to them whether they show it in settings as well.

The easiest way to find the local security policy editor is just type local security into search. When you open it, the bits you want to see are in network list manager policies.

[andrewjoe]

If you want to leave firewall enabled but disable it just for the host-only adapter, you can try my suggestion below:

(Below is a cut and paste from stackexchange since I don't have enough reps to post links. You can Google "How to config windows firewall so VM Host-only can ping Windows 7" if you want pictures.)

This answer probably comes far too late but I ran into this issue recently when I started doing Linux development on a Windows laptop where the source code was on the host and it was shared over CIFS* to compile on a CentOS VM.

1) Open Windows Firewall and click on Advanced Settings:
2) In the overview panel, click on Windows Firewall Properties Windows Firewall Properties
3) Click on Public Profile Tab, Protected network connections, and unselect Virtual Host-Only Network Public profile

That's it! You can disable adapter from Domain and Private Profile as well but you should not have to. The root cause of the problem seems to be that host-only adapter is set to public instead of private but I never did manage to find a solution to change that setting for host-only adapter.

My solution assumes that you trust the communication between the host and the guest while keeping the firewall active for other adapters. If you want to be more narrow in what you let through between the host and guest VM, you can also edit the individual inbound and outbound rules to allow certain traffic through.

This solution also works when you take your laptop and connect to your work Wifi or tunnel in through VPN which may change your local subnet.

* I found that using VirtualBox's shared folder performance is abysmal (5x slower for my project) - hence the CIFS.

[socratis]

There's an explanation on that Windows behavior and an easier way to make the HostOnly network a Private one. The explanation is not necessarily one that makes sense to anyone but Microsoft's engineers.

Explanation: There is no gateway
If Windows doesn't find/have a default gateway for a network adapter, it sets that adapter automatically as public. Why? No clue. BTW, you internet cafe's connection does provide a gateway. Windows leaves it up to you to decide whether it's private or public. But it definitely forbids you to set a network as private if it doesn't have a gateway; it goes to the no fly list.

By the way to those that will come out suggesting it's a VirtualBox bug; no, it's not. That's how private, peer-to-peer networks work. They do not need a gateway. Nor a netmask. It's superfluous.

Solution: Invent a gateway
Open the HostOnly adapter » Properties » Internet Protocol Version 4 » Properties » Advanced » Default gateways » Add... » 192.168.56.1 ^[1]. Close the 5 dialogs (!!!!!) and if you still see the Network and Sharing center, your HostOnly network is now a private one. Hurray!!!

Wow Microsoft! Simply wow...

---

^[1]: That's assuming you've kept your defaults for the HostOnly network and you haven't changed it. If you have, you seem to know things, so that should be an easy one...