IPCop in VM on host PC

P

plinx0r

Limp Gawd
Joined
Apr 25, 2002
Messages
204
Bottom line is I want to run IPCop in a virtual machine on my main PC which runs VMWare Server. I know this can be done but I'm still trying to piece together exactly how to set up the network settings. I have three NICs and I'm thinking

  1. 1st NIC (Red) to DSL modem
  2. 2nd NIC (Green) to LAN switch
  3. 3rd NIC (Green) to LAN switch

I want NIC 1 to act as the red interface in IPCop. It should interface with my DSL router and pick up an IP from ISPs DHCP. I was thinking NIC 2 will present itself as the gateway to the lan (my home network gateway is 172.27.34.1). NIC 3 would not be configured in VMWare at all and just act as normal DHCP client, picking up a 172.27.34.x IP.

My question is, how do I configure NICs 1 and 2 in VMWare server? Bridged? Host? Nat? Does this make sense?

Any comments would be helpful.
 
i think you want bridged networking and then in the advanced settings i think you can bind it to a specific virtual adaptor that is then bound to the physical adaptor...

at least thats how i think it works, i would very interested to know this also though! :)
 
Bridge the red NIC to the to a virtual adapter assigned to the public interface of your host machine. On your host machine, disable all protocols on this interface.

One warning though, there are latency problems with this. I had this running for a little while. Because of the problems, I came up with a new rule for my home network: All firewalls are a to be a dedicated on non-virtual hardware.
 
MorfiusX said:
Bridge the red NIC to the to a virtual adapter assigned to the public interface of your host machine. On your host machine, disable all protocols on this interface.

One warning though, there are latency problems with this. I had this running for a little while. Because of the problems, I came up with a new rule for my home network: All firewalls are a to be a dedicated on non-virtual hardware.
Click to expand...

hmm. well currently I have ipcop running on an old AMD t-bird box with 768 megs of ram but I want use that box for something else. so if I game this probably wouldn't be the best solution?
 
I wouldn't recommend it. For a security device such as a firewall, the best solution will always be a dedicated device running the minimum it can to perform its job. Aside from that, there are problems with running such a device virtually. I experience random latency issues, dropped packets, session errors, etc. Just bite the bullet and find an old machine to run it on. You will be happier in the long run.
 
You must log in or register to reply here.
Back
Top