How to lock down a connection from VirtualBox Guest1 (Host1) <–> Guest2 (Host2)

  • Current configuration:


    I am running VirtualBox on an Ubuntu host with Windows 7 as guest OS (VM1). This physical machine (PC1) connects to a local network (LAN1).


    I am running VirtualBox on a CentOS host with Windows Server as guest OS running an MSSQL database (VM2).

    This physical machine (PC1) connects to a local network (LAN1).

    What I would like to achieve:


    I would like the Windows 7 guest (VM1) to ONLY have access to the specific IP address/port necessary to connect to the MSSQL server (VM2)... and absolutely no other network connectivity whatsoever.

    What is of most importance:

    1) That the Windows guest (VM1) remains locked down such that it cannot access the outside world/internet (or vice versa!)

    2) That any data flowing between VM1 and VM2 remains within the LAN and does not traverse or become exposed to the outside internet.

    3) That whatever solution is employed has the potential to be extended to allow the use of additional VM guests to connect securely to the same database (on VM2) even though they may exist on external/remote networks (e.g. through the use of VPN, TUN etc.) but again, remaining restricted to ONLY connecting to this and nothing else!

    Any and all assistance would be greatly appreciated!

  • Nobody? ... Really?

