Unable to attach BitLocker-encrypted USB on virtual machine
search cancel

Unable to attach BitLocker-encrypted USB on virtual machine

book

Article ID: 379721

calendar_today

Updated On:

Products

VMware vSphere ESXi VMware vSphere ESXi 7.0 VMware vSphere ESXi 8.0 VMware vCenter Server 7.0 VMware vCenter Server 8.0

Issue/Introduction

  • As soon as the USB device is attached, the virtual machine becomes unresponsive and requires a rebuild.
  • USB is BitLocker-encrypted

Environment

VMware vCenter Server 8.0.x
VMware vCenter Server 7.0.x

VMware ESXi Server 8.0.x
VMware ESXi Server 7.0.x

Cause

TPM is not available Also there is no option to enable it.
ESXi BIOS example:

Resolution

  • BitLocker and TPM Requirement: BitLocker encryption can only be used if a Trusted Platform Module (TPM) is available. Without TPM on the ESXi host, it is not possible to use or add encrypted USB devices or hard drives to the virtual machine.

  • Checking TPM on ESXi Host: To use a BitLocker USB with your ESXi host, you need to verify if TPM is installed on the host. This can be checked via the BIOS settings. If the TPM module is present, you will find the option to enable or disable it within the BIOS.

  • Enabling TPM for Virtual Machines: Once TPM is enabled on the host, you can add it to your virtual machine by editing the virtual machine settings. Afterward, you will be able to add the BitLocker-encrypted USB to the virtual machine.

  • No TPM, No BitLocker: If the TPM module is not installed on the host, unfortunately, BitLocker-encrypted USB devices cannot be used.

Additional Information

https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.vm_admin.doc/GUID-137ACCB4-8229-4ACE-90F2-EC5EEBE244BC.html