Apologies if this is such a stupid question, but I have spent a couple of hours trying to find the answer to this, but I'm not sufficiently familiar with the precise terminology. Hopefully it'll be a simple one to answer!
I have a Linux box running VirtualBox 5.2 on a machine that has several IP addresses. I've set up guest VMs in the past where the MAC address is used to make a bridged network as though the host wasn't even there.
For my next trick, I'd like to have guests that are running legacy OSes for which no good software firewall exists. So I think the bridged method is no good and I'd like to set up NAT on a 1:1 IP address basis - so IPAddr1=Host, IPAddr2=Guest1, IPAddr3=Guest2. These are all Public IP addresses.
So do I have to set up a virtual LAN and give each of my guests its own LAN IP address (eg. 10.0.0.2, 10.0.0.3,...) and then port forward (IPAddr2:<all ports> --> 10.0.0.2, IPAddr3:<all ports> --> 10.0.0.3, etc)?
Then any generic ufw rules I have on the host (eg. ufw allow from 62.30.1.2 to any ) will apply to all guests
And more specific rules can also be created on the host (eg. ufw allow from 62.30.1.2 to 10.0.0.2 ) will apply to specific guests? [Or maybe this should use Public IPAddr2?]
There must be a HowTo on this somewhere - what should I search for?
Newbie struggling to get to step 2 with NAT...
Re: Newbie struggling to get to step 2 with NAT...
I don't believe that's possible in VirtualBox.
A distinguishing feature of NAT is that VirtualBox leaves all outgoing routing decisions to the host OS. VBox itself just uses the host networking API like any other host app. The choice of network could change on every packet, and VirtualBox wouldn't know or care. So, you should be looking for a host OS feature that forces all traffic from a certain application to be routed through a particular network.
Re: Newbie struggling to get to step 2 with NAT...
Mmm. I must have phrased this incorrectly, as in my travels I have come across people who set it up just as I want.... I'll find such a page and give the location here!
Re: Newbie struggling to get to step 2 with NAT...
Easier said than done (my browser was in "don't remember" mode...)
But in general if I have a multihomed Linux host and a NATted guest, how might I forward packets from the host to the guest based on IP address? I'd guess that iptables could do it, but that tools exist within VirtualBox.
Can VirtualBox's networking handle the concept of it being multihomed and behaving differently for packets sent in on one interface to another? Surely it can?
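An added example, not part of any post in this thread: a dry-run sketch of the host-side 1:1 mapping the question describes, done with iptables rather than inside VirtualBox. It assumes the guests are attached to a host-only network reached through `vboxnet0` (not VirtualBox's NAT mode), and the public addresses are constructed placeholders; the guest addresses and the allowed source are the ones used in the question.

```shell
#!/usr/bin/env bash
# Dry run: prints the iptables commands for 1:1 NAT; nothing is applied.
# Assumptions (not from the thread): guests sit on a host-only network
# reached through GUEST_IF; the 203.0.113.x addresses are constructed
# placeholders standing in for IPAddr2 and IPAddr3.
GUEST_IF="vboxnet0"

# One line per guest: public_ip  guest_ip  source_allowed_to_reach_guest
MAPPINGS="203.0.113.2 10.0.0.2 62.30.1.2
203.0.113.3 10.0.0.3 62.30.1.2"

gen_rules() {
    # The host must route between its public interface and the guest network.
    echo "sysctl -w net.ipv4.ip_forward=1"
    # Default-deny for routed traffic: the legacy guests have no firewall
    # of their own, so nothing reaches them unless a rule below allows it.
    echo "iptables -P FORWARD DROP"
    # Let replies through for connections that were already permitted.
    echo "iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    echo "$MAPPINGS" | while read -r pub guest src; do
        [ -n "$pub" ] || continue
        # Inbound: everything addressed to the public IP is rewritten to the guest.
        echo "iptables -t nat -A PREROUTING -d $pub -j DNAT --to-destination $guest"
        # Filtering happens after DNAT, so the per-guest allow rule must
        # match the guest's private address, not its public one.
        echo "iptables -A FORWARD -s $src -d $guest -o $GUEST_IF -m conntrack --ctstate NEW -j ACCEPT"
        # Connections the guest itself opens towards the outside.
        echo "iptables -A FORWARD -s $guest -i $GUEST_IF -m conntrack --ctstate NEW -j ACCEPT"
        # Outbound: the guest appears under its own public IP, not the host's.
        echo "iptables -t nat -A POSTROUTING -s $guest ! -o $GUEST_IF -j SNAT --to-source $pub"
    done
}

gen_rules
```

Traffic to the guests is routed, so it passes through the FORWARD chain; ufw rules of the form `ufw allow from ... to any` filter traffic addressed to the host itself, and routed traffic is covered by `ufw route allow` rules instead.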