I googled for some tutorials on this, but didn't find one that does exactly what I want, and I can't figure it out.
I am trying to set up a virtualized router (pfSense as VirtualBox guest), and I want to set it up so that all traffic MUST go through that pfSense
guest if it wants to go to the internet.
Let's say I have only one machine in my "network", and it will act as the VirtualBox host.
I have configured VirtualBox, loaded all the modules needed (also loaded those which are needed for host-only adapter which I then added (vboxnet0))
and created a new guest, pfSense.
In network settings inside VirtualBox for pfSense I have created 2 NICs, first one is bridged to WAN, second one is host-only vboxnet0.
I installed pfSense, for WAN I entered 'em0' and for LAN 'em1'. I can then access the web setup of pfSense, configure what I want, pinging 220.127.116.11
from inside pfSense works.
But my host is still not connecting to the internet through pfSense. So I did a
#systemctl start firstname.lastname@example.org
After that, pinging pfSense (10.0.0.1) from host works fine, pinging host (10.0.0.100) from pfSense also works, but WAN does not. It just died.
Pinging 18.104.22.168 says no route to host.
So my question is what I need to do to achieve desired result - having a pfSense guest regulate ALL traffic for me? At the moment it will be only for
the host, but later I will add a switch to my host's second NIC and I want that all those machines too go through pfSense if they want to connect to
Is the setup I mentioned with two NICs, bridged and host-only the way to do it? It is something I come up with combining informations from several
tutorials and it may not be the way to achieve the desired result.
I have exactly the same setup on my box (using Smoothwall instead of pfsense).
You need to change your default route so all traffic passes through the virtual network...
root@oldarch:~# ip r #Show default route default via 192.168.1.254 dev enp2s0 192.168.0.0/24 dev vboxnet0 proto kernel scope link src 192.168.0.104 192.168.1.0/24 dev enp2s0 proto kernel scope link src 192.168.1.150 root@oldarch:~# root@oldarch:~# root@oldarch:~# ip route change default via 192.168.0.1 #Change default route to vbox nic root@oldarch:~# root@oldarch:~# root@oldarch:~# ip r #Show default route default via 192.168.0.1 dev vboxnet0 192.168.0.0/24 dev vboxnet0 proto kernel scope link src 192.168.0.104 192.168.1.0/24 dev enp2s0 proto kernel scope link src 192.168.1.150 root@oldarch:~#
I will need more help
First, a little more info:
In Host-only Netowrks settings in VirtualBox, for vboxnet0 IPv4 Address is 10.0.1.0, and mask is 255.255.255.0
In pfSense, there is DHCP server, 10.0.0.101 to 10.0.0.110, with my host having a static ip for it's MAC, 10.0.0.100.
Here is the output of $ip route when my internet works
ip r default via 22.214.171.124 dev eno1 metric 203 10.0.0.0/8 dev vboxnet0 proto kernel scope link src 10.0.0.100 metric 204 10.0.1.0/24 dev vboxnet0 proto kernel scope link src 10.0.1.0 126.96.36.199/22 dev eno1 proto kernel scope link src 188.8.131.52 metric 203 184.108.40.206/22 dev eno1 proto kernel scope link src 220.127.116.11 metric 203
Now, I am a noob for computer networks, but your output looks 'cleaner'.
I tried setting the default to both 10.0.1.0 and 10.0.0.1 but WAN didn't work both times.
How should the output of ip r look on my end?
I finally got it to work. I don't know what was causing the problem and how it suddenly got fixed.
This is the output of $ip route
ip r default via 10.0.0.1 dev vboxnet0 metric 204 10.0.0.0/8 dev vboxnet0 proto kernel scope link src 10.0.0.100 metric 204 10.0.56.0/24 dev vboxnet0 proto kernel scope link src 10.0.56.0 18.104.22.168/22 dev eno1 proto kernel scope link src 22.214.171.124 metric 203
10.0.0.1 is LAN in pfSense
10.0.56.0 is vboxnet0
Because 'default' is on 10.0.0.1 everything is now going through vbox guest (pfSense), right?