So, what I am trying to do is have two windows 10 computers, Windows10No1 is a honeypot to which potentially dangerous individuals are allowed full remote desktop access. And Windows10No2 used as a machine to send commands using utilities like PsExec to Windows10No1 in order to confuse and frustrate anyone with remote desktop access to Windows10No1. I have pfSenseNo1 which acts as a router and VPN to isolate the VMs from Host (Windows 10) and mask IP address. Right now pfSenseNo1 has two NICs, one nat and one internal network, each of the Windows10 VMs have one internal network nic. Both Windows10 VMs have internet access through pfSenseNo1 but at this point they cannot ping each other.
Does this look like a good setup?
Original Post (with dubiously legal stuff removed):
Code: Select all
Hello, I am quite new to VMs and networking. Below I have described my situation:
Host:
Windows 10, as isolated as possible from the guests, connected to the local network and directly to internet without a VPN.
Guest1:
A Windows 10 honeypot to which potentially dangerous individuals are allowed full remote desktop access. To anyone connected this, it should (as much as is practical) appear as if it is running on bare metal and not a VM. Ideally looks like it is connected to a typical home router and has only one network connection. Connected to the internet through Guest2.
Guest2:
Windows 10, used as a machine to send commands using utilities like PsExec to Guest1 in order to confuse and frustrate anyone with remote desktop access. Guest2 will be running NordVPN to hide my IP address from people with access to Guest1 and isolate Guest1 from the local network.
Right now, I believe the way to do this is to have both guests have network adapters attached to "Internal Network" and Guest2 to also have an adapter attached to "NAT". I have done this and can ping between the two guests (I had to disable the windows firewall on both machines) and Guest2 can access the internet. I have tried using ICS to share the NAT connection on Guest2 but have been unsuccessful. I have not yet installed or configured the VPN.
Any help would be appreciated, I will happily update this with information that is requested.