can I connect the client that I created using the vm to the pfsense interface in virtualbox?

ezvink

@stephenw10
so in lubuntu VM must use adapter 1 bridge sir? is that so sir? then the client can access the pfsense

ezvink

@stephenw10
I always have problems pinging from pfsense to the client it connects but when I try to ping from the client to pfsense it still doesn't connect sir.
even though I've used the rules you gave.

stephenw10

No the Lubuntu VM should be connected to the Internal Network adapter and that should already have access to the pfSense GUI as long as the NIC you're using for the pfSense LAN is also an Internal Network adapter.

You removed the 3rd NIC from the pfSense VM right?

Patch

@ezvink said in can I connect the client that I created using the vm to the pfsense interface in virtualbox?:

I took a networking class

@ezvink said in can I connect the client that I created using the vm to the pfsense interface in virtualbox?:

this is a project for my final project

@ezvink said in can I connect the client that I created using the vm to the pfsense interface in virtualbox?:

The project that I will make is about IDS Suricata and Snort.
I need 1 client as server 1 client for attacker then pfsense as firewall.

@ezvink said in can I connect the client that I created using the vm to the pfsense interface in virtualbox?:

I'm confused how to connect it

Then you need to develop your networking skill if you are ever going to be employed for your network skills.

How all engineering task are done, is you develop ability with the basic building blocks then combine multiple building blocks to achieve more complex tasks.

You were set this project not because anyone cares about the end result, what matters is the skill you develop in doing a Network engineering task. For you to actually have the competence to do your project you need skills in

1. Hypervisor virtual machine configuration
2. How to configure a virtual network within the Hypervisor
3. Firewall installation and network configuration
4. How to configure the basic firewall features within your chosen firewall application
5. Installation of advanced firewall capabilities to support IDS (eg Suricata or Snort)
6. Configuration of the IDS package
7. Designing & building a firewall test station including a simulated attacking computer, a firewall under test, and a defended work station.
8. Testing the effectiveness of the of your Firewall with IDS
9. Understanding and reporting on the limitations of your choosen threat protection approach (eg encrypted messaging).

Your start this engineering task by getting the basic stuff working first. Your questions indicate you have not got a firm understanding of step 2. yet, so do just that and get just that working. After which you should be able to create a VM and have it network reliably with what ever other VM or NIC you choose.

After which you can learn about step 3. Which is best done by reading the manual and experimenting. Asking others to build your project for you deprives you of the learning opportunity and will prevent you from becoming a competent network engineer. If you want a successful career there is no other way.

ezvink

@stephenw10

i didn't remove it the pack persists, so the lubuntu VM keeps using the internal network?

ezvink

@patch

I'm sorry sir, I have only recently studied this VM before I used more physical tools such as Mikrotik and others.
For the configuration of Snort and Suricata, I understand quite well, sir, now I'm also just learning about Pfsense because when I'm short I ask for help from this forum.
Yes, I really don't understand much about firewalls, moreover, it's different like my configuration on Winbox, that's why I'd better ask this forum because the time for this project to be collected is not long

ezvink

@stephenw10

I've done it sir, but still it doesn't work sir

stephenw10

Both of those show as adapter 3 but I expect on one NIC on the Lubuntu VM and two on the pfSense VM. Are the other disabled?

That will work as long as the subnets are correct and the 'Adapter 3' NIC in pfSense is assigned as LAN.

Are you using DHCP in Lubuntu or a static config?

ezvink

@stephenw10
so adapter 1 in the lubuntu VM is entered in the internal network, then adapter 2 in pfsense is entered in the internal network, like that, sir?

I am using static ip pak in lubuntu VM, as well as in pfsense VM

stephenw10

Yes, that's correct. As long as those are NICs you have assigned in the OS. Usually those are the default order.

If you use DHCP then it will be obvious if it's connected and you remove the possibility of making a mistake in the static config.

Steve

ezvink

@stephenw10
I've followed what you suggested, but the web gui doesn't even work, sir?

ezvink

@stephenw10
and if i change adapter2 to host-only the web runs sir

stephenw10

Looks like you are trying to connect from the host but using the internal subnet IP address. Which I expect to fail!

With adapter 2 set as internal network the Lubuntu VM should be to access pfSense at 192.168.1.1.

From the host you should be using the WAN IP, 192.168.18.48. That will work as long as you have added the firewall rule on WAN.

Steve

ezvink

@ezvink @stephenw10
So where should I do the test, sir? i have to check the web gui on the lubuntu vm with network settings like this? sorry sir i don't really understand

stephenw10

You can connect from either but you have to use the correct IP address.

The Lubuntu VM is connected to LAN so it can access any IP address in pfSense.

The VBox host cannot access the internal network so if you are trying to access it from there you need to use the pfSense WAN IP.

Steve

ezvink

@stephenw10

I'm still confused with the word "host" so please correct me sir.
so you mean "host" which network sir? LAN IP? because I've tried the network settings you suggested and when I try to run the web gui from google using the WAN IP on my pc it doesn't run.
but when i restore the network settings to the original adapter 2 is filled with "host-only" and adapter 3 is filled with "internal network" the web gui running on my pc is running sir.

stephenw10

By 'host' I mean the computer that is hosting VirtualBox. That's why the 'host only' adapter can only work from there.

If you have added the WAN firewall rule as we discussed earlier you should be able to connect to 192.168.18.48 from any other machine in the WAN subnet. And that includes the VBox host as it also had an IP there.

You can run it as you have shown above. You will just need to add appropriate firewall rules on OPT to allow the Lubuntu VM to connect out.

Steve

ezvink

@stephenw10
but i'm not calling WAN IP from my PC sir, it's not working to call web gui if I use the network settings you suggest sir.

Then how do I configure the OPT?

stephenw10

@ezvink said in can I connect the client that I created using the vm to the pfsense interface in virtualbox?:

but i'm not calling WAN IP from my PC

Why not? You need to do that to access the pfSense webgui from other devices in the WAN subnet.

Get that working first, then look at configuring OPT. I strongly recommend setting the Lubuntu VM as a DHCP client and enabling the DHCP server on OPT.
On LAN it's enabled by default which is why I suggested you use that as the internet network but you seem to want to use the host-only NIC as LAN so....

Steve

ezvink

@stephenw10
I don't know sir, I followed the tutorial from my lecturer and he added the IP on the "host-only" network then the web gui could run.
if i don't add IP on the "host-only" network and don't use host-only as adapter 2 the web gui won't run.
do you have any suggestions so it won't be like this again?