Mount a VM that has no network communication with Host
Dear sirs, I have a physical server which hosts the DC, mail server, web server and other apps. I am not sure why, but for the last 2 weeks my mail server has not been working correctly, so I want to set up a DMZ for email and web, but I do not have another physical server. Can I mount a VM that has no communication with the host? Or is there any solution you recommend? I have my DC with internal domain and external domain configured on DNS.
Re: Mount a VM that has no network communication with Host
Sounds like what you need is to use "Bridged Adapter" to a second physical NIC in the host that is on the LAN you want the VM to be on. It works fine, I am doing it on the VM I am posting this message with.
Plug in a second physical NIC to the LAN you want, make sure that you make the BINDING order on the HOST take your normal NIC on your regular LAN first, the new NIC / LAN second or third.
Strictly speaking you can still make the VM talk to the host, like with shared folders, etc. But for the most part the VM will be isolated and take an IP and route through your "other" LAN connection. The host will have an IP on that LAN as well but will largely ignore it because it is set to route through your primary LAN via the binding order.
Re: Mount a VM that has no network communication with Host
What I need is the following:
The host server will be AD DC and app server, as now, on network 192.168.100.0, connected to a switch, and this switch is connected to a firewall interface called internal LAN. The VM will be the email and web server, located in and connected to the DMZ interface of the firewall. The LAN can access the DMZ on any port (TCP or UDP). The DMZ server cannot access anything in the internal network. I am not sure if your scenario is the same.
scottgus1
Re: Mount a VM that has no network communication with Host
Rootman's recommended second NIC gives you a port to connect to your DMZ port. Changing the bindings will make your host only communicate on the LAN and the guest only communicate on the DMZ.
If you wish to completely separate traffic on the LAN and DMZ, do this:
Turn off all the VirtualBox bindings and leave all the other Microsoft bindings active on the NIC you will connect to the firewall's LAN port. Your server will only use this NIC and only on the LAN.
Turn off all the non-VirtualBox bindings on the new NIC and leave only the VirtualBox bindings active. Bridge your guest to this NIC. Now the guest will only talk to the DMZ.
If you want the guest to be able to communicate with the LAN, too, then don't deactivate the VirtualBox bindings on the old NIC; leave all the bindings active on the old NIC. You can then define two networks in the guest, the DMZ network via the new NIC and the LAN via the old NIC. Use VirtualBox's Bridged for both NICs.
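The fully separated layout from the reply above, as an added PowerShell example that is not part of the original thread. It assumes a Windows host, adapters named `LAN` and `DMZ` (hypothetical names), and that the VirtualBox bridge binding can be recognised by "VirtualBox" in its display name.

```powershell
# Run in an elevated PowerShell session on the Windows host.
# Assumed adapter names; substitute the names Get-NetAdapter shows.
$LanNic = 'LAN'   # NIC cabled to the firewall's internal LAN port
$DmzNic = 'DMZ'   # new NIC cabled to the firewall's DMZ port

# Assumption: the VirtualBox bridge filter is recognised by its display name.
function Test-IsVBoxBinding($Binding) { $Binding.DisplayName -like '*VirtualBox*' }

# Returns every binding whose state contradicts the separated layout.
function Get-BindingViolation {
    # LAN NIC: no VirtualBox binding may be enabled.
    Get-NetAdapterBinding -Name $LanNic |
        Where-Object { (Test-IsVBoxBinding $_) -and $_.Enabled }
    # DMZ NIC: nothing except the VirtualBox binding may be enabled.
    Get-NetAdapterBinding -Name $DmzNic |
        Where-Object { -not (Test-IsVBoxBinding $_) -and $_.Enabled }
}

# Show what will change before touching anything.
$before = @(Get-BindingViolation)
$before | Format-Table Name, DisplayName, ComponentID, Enabled

# Apply: unbind the offending components, keep VirtualBox bound on the DMZ NIC.
$before | Disable-NetAdapterBinding
Get-NetAdapterBinding -Name $DmzNic |
    Where-Object { (Test-IsVBoxBinding $_) -and -not $_.Enabled } |
    Enable-NetAdapterBinding

# Verify: no violations remain and the host holds no IP address on the DMZ NIC.
$left   = @(Get-BindingViolation)
$hostIp = @(Get-NetIPAddress -InterfaceAlias $DmzNic -ErrorAction SilentlyContinue)
if ($left.Count -or $hostIp.Count) {
    Write-Warning "Host is still bound to $DmzNic or VirtualBox is still bound to $LanNic"
    $left   | Format-Table Name, DisplayName, Enabled
    $hostIp | Format-Table InterfaceAlias, IPAddress
} else {
    Write-Output "Host stack only on $LanNic; VirtualBox bridge only on $DmzNic"
}
```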