Connect to Virtual Machines (VMs) on PAW


Continuing the PAW series, this blog post discusses the options to connect to the VMs running on the PAW device.

In Windows, you can connect to a locally running VM using:

  • VMConnect (basic mode or enhanced mode)
  • RDP using mstsc.exe (classic RDP client)
  • RDP using the Remote Desktop app from Store (modern RDP client)
  • RDP over VMBus (this is done by creating a special RDP file, shown later in the doc)

In addition, it’s quite straightforward to develop a customized RDP app using the inbox RDP ActiveX control. Elena (our intern) wrote a RDP app for VM connection last summer, which is part of the PAW management app she developed. Hence, if none of the inbox apps meets your requirement, this might be a good approach.

Modern RDP client has a very nice clean UI, but it is still being actively developed. As of the latest release, it does not support pass through devices yet, so I don’t recommend it for VM connection on PAW. It is however a good choice for RDP to servers (i.e. server management) from the PAW VM.

VMConnect (basic mode) allows you to see OS boot phase, i.e. you can see the screen outputs even before the VM starts, whereas RDP (and VMConnect enhanced mode) can only display after the Remote Desktop service starts in the VM. If you need to enter BitLocker key for example, you can only do so using VMConnect basic mode.

VMConnect (enhanced mode) and RDP are built on top of the same RDP protocol, so they share similar features. For example, you can pass through smart card to the VM using either VMConnect (enhanced mode) or RDP (note, ensure the right card reader driver is installed in the VM). However, there are two main differences between VMConnect (enhanced mode) and RDP:

VMConnect (enhanced mode) RDP
Transport VMBus, which doesn’t require any network ports to be opened Requires open RDP firewall port to allow it
User permission Hyper-V admin on the host Standard user on the host; user must be in the Remote desktop user group in the VM

In addition, there are advantages of using RDP as it has more functionalities over VMConnect, to name a couple:

  1. Select a subset monitors for VM connection (for example, use 2 out of the 3 monitors connected to the device)
  2. Video device pass through

Using RDP client or VMConnect are pretty straightforward, I won’t go into details on those. There is another approach which allows to get the benefit of RDP, as well as using the VMBus, so you don’t need to open RDP ports on the VM, we call it "RDP over VMBus".

RDP over VMBus

This is done by creating an RDP file with the following configuration:

pcb:s:11111111-1111-1111-1111-111111111111;EnhancedMode=1

full address:s:localhost

server port:i:2179

where 11111111-1111-1111-1111-111111111111 is the VM ID on the host.

The downside of using this connection is that user will need to log on the VM twice; the first time is for the user to logon the local host, and second logon is the VM itself. I’m trying to figure out if there is a way to skip the first logon, welcome your ideas.

RDP file sample

You can create RDP files by running mstsc, and click on "Show Options", after specify the configuration, click on "Save As" on the General page. To use RDP over VMBus, simply replace the setting for "Full address" and "Server port". Below is the RDP file I used for my desktop VM as an example, you can find the setting references here.

pcb:s:11111111-1111-1111-1111-111111111111;EnhancedMode=1
full address:s:localhost
server port:i:2179
negotiate security layer:i:0
EnableCredSspSupport:i:1
allow font smoothing:i:0
allow desktop composition:i:0
audiocapturemode:i:1
audiomode:i:0
authentication level:i:2
autoreconnection enabled:i:1
bandwidthautodetect:i:1
compression:i:1
connection type:i:7
connect to console:i:1
devicestoredirect:s:*
drivestoredirect:s:DynamicDrives
disable wallpaper:i:0
disable full window drag:i:1
disable menu anims:i:1
disable themes:i:0
disable cursor setting:i:0
displayconnectionbar:i:1
enableworkspacereconnect:i:0
gatewayusagemethod:i:4
gatewaycredentialssource:i:4
gatewayprofileusagemethod:i:0
gatewaybrokeringtype:i:0
keyboardhook:i:1
networkautodetect:i:1
prompt for credentials:i:0
remoteapplicationmode:i:0
promptcredentialonce:i:0
redirectprinters:i:1
redirectcomports:i:1
redirectsmartcards:i:1
redirectclipboard:i:1
redirectposdevices:i:0
screen mode id:i:2
session bpp:i:32
span monitors:i:1
use multimon:i:1
selectedmonitors:s:0,1
videoplaybackmode:i:1
use redirection server name:i:0
bitmapcachepersistenable:i:1
usbdevicestoredirect:s:*

If you would like to share desired user experience or report issues using PAW, feel free to reach us here.


Comments (0)

Skip to main content