Make a VM can only access Internet via another VM? So I can build a VPN Chain

This is for discussing general topics about how to use VirtualBox.
Post Reply
ChaoWeiMot
Posts: 1
Joined: 19. Jul 2021, 04:55

Make a VM can only access Internet via another VM? So I can build a VPN Chain

Post by ChaoWeiMot »

Environment:
1 Host Machine(Windows 10)
2 Guest Machine(All CentOS 7), Call them as A and B

Requiment:
Sometimes I need host machine's traffic go through 2 VPN, sometimes I need host machine direct connect to Internet.


So run a VPN in host machine is not what I want, it will make all traffic go through VPN.

Here's my throught:Put VPN1 in guest machine A, and put VPN2 in guest machine B,

The traffic path is like this: Host --> Guest Machine A --> Guest Machine B
I will install Privoxy in Guest Machine B, and open a port for Host Machine, so if host machine connect to this port, then traffic go through 2VPN, if host machine not connect to this port, it will be direct connect

The problem is that how can I make guest machine B's traffic go through guest machina A?
And in this case, how can I open a port for host machine?
mpack
Site Moderator
Posts: 39156
Joined: 4. Sep 2008, 17:09
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Mostly XP

Re: Make a VM can only access Internet via another VM? So I can build a VPN Chain

Post by mpack »

ChaoWeiMot wrote: The problem is that how can I make guest machine B's traffic go through guest machina A?
You'd do it the same way you'd do it if two physical PCs was involved. Basically, you'll have to install routing software on PC A (with the Internet connection), so it can act as a gateway for PC B.

Making the <PC A>--<PC B> connection also VPN would be unnecessarily complicated in my opinion. If we assume that most Internet access is https them you are already protected from a hypothetical "man in the middle" on PC A - which in any case I assume you control.
scottgus1
Site Moderator
Posts: 20965
Joined: 30. Dec 2009, 20:14
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Windows, Linux

Re: Make a VM can only access Internet via another VM? So I can build a VPN Chain

Post by scottgus1 »

As a suggestion, see how this is done in "Sandbox" Virtualbox Networks: In Pictures: "Sandbox" Replace the pfSense VM with your VPN1 VM, then configure the VPN1 VM to act as the VM2's gateway, per Mpack's thoughts.
Post Reply