"Hardware"-Firewall on VM

[shrewm]

Hi there,

I am trying to run the Vyatta firewall ( http://www.vyatta.com/ ) as a VM. The installation works fine but I have trouble to find the right network configuration.
I thought about this:
The hostsystem acts as the client in the network which will connect to the firewall.
The virtual machine acts as the firewall which connects to the router.

I ceated a host-only-adapter for the client->firewall connection and another bridged network-interface for the firewall->router connection. A traceroute showed me, that I did have a connection from client to router ( one time, but I do not remember the settings ) but the packets which the client should recieve seemed to "loop" between the client and the firewall and I did not have a connection to the internet.

The hostsystem has two NIC´s (one enabled, one disabled) and the enabled one is directly connected to the router.

I also need to know how I can prevent the hostssystem from connecting directly to the router and skipping the firewall. As I said before I need the hostsystem connected to the firewall which is connected to the router (Internet). The firewall should then filter packets sent and recieved by/to the router.

I hope the description is good enough and sorry for my bad english,

shrewm

[shrewm]

No ideas? Anyone?

[vbox4me2]

This is a routing issue, you need to set a default route from the Host to the FW and use an additional mask / route to force packets to go thru the GW.

[sej7278]

it sounds like a horrible idea using a guest as a firewall for the host, is this for development work or something?

otherwise i'd say use iptables on the host - oh just noticed the host is windoze.

[shrewm]

Hello again,

thanks for the answers and yes it´s for testing only. There are some open-source firewalls around with the same config-behaviour like the cisco´s.

I´ll have a look at the routing tomorrow, thanks for the advice.