Restrict "untrusted" guest network to proxy
Posted: 4. Aug 2020, 17:29
Hello,
I'm looking to run an "untrusted" potentially compromised guest and I want to ensure that it can only connect to the host domains proxy and not the hosts LAN subnet. However the host is trusted and must remain available normally on the network.
I was looking into running NAT and restricting the traffic by using a host route command or two, but it doesn't seem like I can isolate the guest VM traffic as the source traffic.
What's the best and most secure way of achieving this restriction?
Kev
I'm looking to run an "untrusted" potentially compromised guest and I want to ensure that it can only connect to the host domains proxy and not the hosts LAN subnet. However the host is trusted and must remain available normally on the network.
I was looking into running NAT and restricting the traffic by using a host route command or two, but it doesn't seem like I can isolate the guest VM traffic as the source traffic.
What's the best and most secure way of achieving this restriction?
Kev