Firewall in a VBox

[PsYkOKnArF]

Hi,

I'll submit you my problem.

I have a Debian server, where I have my datas.

On this server, I've 2 network plugs (eth0 and eth1), but only one still working, at this time

At this time, I've a separate computer with Zentyal how use to be my firewall running, and desserve all my DHCP at home, and dmz for the physical nas,

I'd like to virtualize this Zentyal and use ETH1 on the Debian to make the WAN to the router, and leave ETH0 on my LAN.

Is it possible to work like that? I'll explain:

-Router ---> Zentyal [guest on the debian and using ETH1]
-All the network and the host can't access directly on ETH1.
-If I poweroff Zentyal, ETH1 must be unreacheable by all the network
-ETH0 on debian is connected to the entire network and can't reach his ETH1 (eth1 must be only for Zentyal)

Now, I've a little idea for this.

Zentyal manage ALL the dhcp and dns for internal network. If I set ETH1 like WAN and ETH0 like LAN, it will appear like my actual configuration, ok. But now, debian has 2 IP, one for ETH0 (internal network), and one for ETH1 (external network). Debian can be use like a gateway, and that doesn't work.

The goal to reach is like this: Debian see only one interface to use, but ETH1 only active for the guest Zentyal.

Is it possible?

thanks a lot for the answers

(sorry, i have a bad english ^_^ )