diff --git a/roles/environment/tasks/_configure_network.yml b/roles/environment/tasks/_configure_network.yml
index 4361f9f..37fce51 100644
--- a/roles/environment/tasks/_configure_network.yml
+++ b/roles/environment/tasks/_configure_network.yml
@@ -13,6 +13,14 @@
         | default('')
       }}
 
+- name: Bring up network interface
+  when:
+    - hypervisor_type == "vmware"
+    - environment_interface_name | default('') | length > 0
+  ansible.builtin.command: "ip link set {{ environment_interface_name }} up"
+  register: environment_link_result
+  changed_when: environment_link_result.rc == 0
+
 - name: Set IP-Address
   when:
     - hypervisor_type == "vmware"
@@ -32,13 +40,31 @@
   register: environment_gateway_result
   changed_when: environment_gateway_result.rc == 0
 
+- name: Configure DNS resolvers
+  when:
+    - hypervisor_type == "vmware"
+    - system_cfg.network.dns.servers | default([]) | length > 0
+  ansible.builtin.copy:
+    dest: /etc/resolv.conf
+    content: |
+      {% for server in system_cfg.network.dns.servers %}
+      nameserver {{ server }}
+      {% endfor %}
+      {% if system_cfg.network.dns.search | default([]) | length > 0 %}
+      search {{ system_cfg.network.dns.search | join(' ') }}
+      {% endif %}
+    mode: "0644"
+
 - name: Synchronize clock via NTP
   ansible.builtin.command: timedatectl set-ntp true
   register: environment_ntp_result
   changed_when: environment_ntp_result.rc == 0
 
 - name: Configure SSH for root login
-  when: hypervisor_type == "vmware" and hypervisor_cfg.ssh | bool
+  when:
+    - hypervisor_type == "vmware"
+    - hypervisor_cfg.ssh | default(false) | bool
+    - system_cfg.network.ip is defined and system_cfg.network.ip | string | length > 0
   block:
     - name: Allow login
       ansible.builtin.replace:
@@ -58,7 +84,18 @@
         name: sshd
         state: reloaded
 
-    - name: Set SSH connection for VMware
+    - name: Switch to SSH connection
       ansible.builtin.set_fact:
         ansible_connection: ssh
         ansible_user: root
+        ansible_password: ""
+        ansible_host: "{{ system_cfg.network.ip }}"
+        ansible_ssh_extra_args: "-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no"
+
+    - name: Reset connection for SSH switchover
+      ansible.builtin.meta: reset_connection
+
+    - name: Verify SSH connectivity
+      ansible.builtin.wait_for_connection:
+        timeout: 30
+        delay: 2
diff --git a/roles/environment/tasks/_prepare_installer.yml b/roles/environment/tasks/_prepare_installer.yml
index be62742..ea96aef 100644
--- a/roles/environment/tasks/_prepare_installer.yml
+++ b/roles/environment/tasks/_prepare_installer.yml
@@ -79,6 +79,13 @@
 # bootstrapping RHEL-family distros from the Arch ISO, where the
 # host rpm/dnf does not trust target distro GPG keys. Package
 # integrity is verified by the target system's own rpm after reboot.
+- name: Create RPM macros directory
+  when: is_rhel | bool
+  ansible.builtin.file:
+    path: /etc/rpm
+    state: directory
+    mode: "0755"
+
 - name: Relax RPM Sequoia signature policy for RHEL bootstrap
   when: is_rhel | bool
   ansible.builtin.copy:
diff --git a/roles/environment/tasks/main.yml b/roles/environment/tasks/main.yml
index ce72093..eda86c7 100644
--- a/roles/environment/tasks/main.yml
+++ b/roles/environment/tasks/main.yml
@@ -1,6 +1,6 @@
 ---
 - name: Configure work environment
-  become: "{{ hypervisor_type != 'vmware' }}"
+  become: "{{ (hypervisor_type | default('none')) != 'vmware' }}"
   block:
     - name: Detect and validate live environment
       ansible.builtin.include_tasks: _detect_live.yml