So, I’m wondering how to isolation the guests’ WAN traffic on the host?
My Host is Windows 10E, guest is Windows 10P behind a VPN.
I have the guest NIC bound to one of three adapters on the host. The host is using the other two. However, I didn’t want the host using the NIC the guest is bound to, so I disabled the IPv4 and IPv6 protocols in the network stack for that NIC. However, the guest can still get WAN traffic, how is that possible?
So, how do I make sure that the guest uses only that NIC that it’s bound to while ensuring the host isn't using the NIC that's bound to the guest VM?
Does this make sense?
How to Isolate VirtualBox guest WAN traffic on host?
-
- Site Moderator
- Posts: 20945
- Joined: 30. Dec 2009, 20:14
- Primary OS: MS Windows 10
- VBox Version: PUEL
- Guest OSses: Windows, Linux
Re: How to Isolate VirtualBox guest WAN traffic on host?
I'll suppose "Windows 10E" is Windows 10 Enterprise, and "Windows 10P" is Windows 10 Professional. (I see you did this in another post and had to have it clarified. Please don't invent your own acronyms for known entities without defining them once in each post where you intend to acronym them; it confuses folks who want to help.)
You can block the host from using the guest's NIC. Open the Control Panel, then Network and Sharing Center. On the left click "Change Adapter Settings". Right-click the adapter you wish to reserve for the guest and choose Properties. In the middle of the Properties popup is the box "This connection uses the following items". These are the "bindings" that connect services to the network adapter. On the NIC to be reserved for the guest, uncheck all the bindings that don't mention Virtualbox. Then click OK. Now the host can't use that card for network access.
You can just remember to only Bridge the guest to that reserved NIC to get its traffic to be just through that NIC. Or you can make sure you won't Bridge to any other NIC by accident by opening the other NICs' properties and unchecking the Virtualbox bindings on those NICs. Now Virtualbox will be unable to use any other NICs besides the one for the guest.
You should use Bridged, by the way, not NAT, for this "reserve-the-NIC" concept. NAT can't be filtered to a particular NIC, so WAN traffic will come from wherever it can be found.
You can block the host from using the guest's NIC. Open the Control Panel, then Network and Sharing Center. On the left click "Change Adapter Settings". Right-click the adapter you wish to reserve for the guest and choose Properties. In the middle of the Properties popup is the box "This connection uses the following items". These are the "bindings" that connect services to the network adapter. On the NIC to be reserved for the guest, uncheck all the bindings that don't mention Virtualbox. Then click OK. Now the host can't use that card for network access.
You can just remember to only Bridge the guest to that reserved NIC to get its traffic to be just through that NIC. Or you can make sure you won't Bridge to any other NIC by accident by opening the other NICs' properties and unchecking the Virtualbox bindings on those NICs. Now Virtualbox will be unable to use any other NICs besides the one for the guest.
You should use Bridged, by the way, not NAT, for this "reserve-the-NIC" concept. NAT can't be filtered to a particular NIC, so WAN traffic will come from wherever it can be found.
Re: How to Isolate VirtualBox guest WAN traffic on host?
Okay , sorry about that.
So, the only item in the network stack of the NIC I've bound to the guest is "VirustalBox NDIS6 Bridged networking driver". So just leave that enabled, and I'll be good?
Thanks,
So, the only item in the network stack of the NIC I've bound to the guest is "VirustalBox NDIS6 Bridged networking driver". So just leave that enabled, and I'll be good?
Thanks,
-
- Site Moderator
- Posts: 20945
- Joined: 30. Dec 2009, 20:14
- Primary OS: MS Windows 10
- VBox Version: PUEL
- Guest OSses: Windows, Linux
Re: How to Isolate VirtualBox guest WAN traffic on host?
That should do it!
Re: How to Isolate VirtualBox guest WAN traffic on host?
Shoot, that didn't work.scottgus1 wrote:That should do it!
The guest can't reach the gateway or any LAN resources. like an idiot, I didn't write down what I had enabled on the host, and I can't seem to get the guest's LAN connection back
Any ideas?
-
- Volunteer
- Posts: 5102
- Joined: 19. Sep 2009, 04:44
- Primary OS: MS Windows 10
- VBox Version: PUEL
- Guest OSses: Windows 10,7 and earlier
- Location: Sydney, Australia
Re: How to Isolate VirtualBox guest WAN traffic on host?
How have you configured the networking in the vm? What you have attempted will only work if the guest NIC is set to bridged. The vm should get its network config from DHCP on your LAN, just like any all the other LAN machines.
Bill