Connecting virtualbox internal network and host to internet via pfsense



  • Hi,
    I would be thankful if someone could help me figure out how can I make my virtual machines on internal network and host to have internet connectivity at the same time via Pfsense virtual machine acting as a router to both of them.
    Here are the scenarios :
    GUEST=Linux (Debian,CentOs)
    HOST=Linux (Linux Mint)
    Gateways and subnets seems fine.Machines that are expected to communicate do communicate with the exception of the WAN interface of pfsene VM.I cannot ping or traceroute WAN interface of Pfsense from the host even if I change the subnet and gateway of the host to match that of the Pfsense WAN interface.
    Internet connection is via pppoe dial-up (dsl) and is made in Pfsense VM ( connection is direct and there is no router in between the connection.So router settings are only applicable to Pfsense VM only ).Authentication and connection succeeds in all scenarios.
    Ip,subnet and gateway of all machines are set manually.I set them all at each reboot so as to avoid any misconfigurations and is a great way to learn about subnetting.

    1)Both host and guest get internet connectivity via Pfsense effortlessly.
    Virtual machines = bridged mode
    Pfsene virtual machine = both WAN and LAN in bridged mode

    2)Only guest has internet connectivity via Pfsense.No connectivity to the host.
    Virtual machines = internal network
    Pfsense virtual machine = 1) WAN in bridged mode  2) LAN in Internal network mode

    3)Only host has internet connectivity through Pfsense.No connectivity to the guest.Its here that I want both guest and host to have internet connectivity.
    Virtual machines = internal network
    Pfsense virtual machine = 1) WAN in bridged mode 2) LAN1 in bridged mode 3)LAN2 in internal network mode.
    I specified the gateway of the internal network VMs to the LAN2 of pfsense VM.I am not sure about it,do let me know if I am on the right path

    I do understand scenario 1 and 2,its the 3rd scenario that is giving me nightmares for the last 2 weeks.Believe me the below average mind of mine tried very hard to find the answers on google but was in vain.
    Also could someone please tell me why does in any scenario where the pfsense WAN interface is set to bridged,I am not able to ping or traceroute it from host,the pfsense box just drops the host packets.Host can ping and traceroute pfsense box only if the LAN interface is set to bridged.
    I would be grateful if someone could solve my queries or push me in the right direction as I am the type who learns by doing rather than reading.Please do let me know if you need any other information.
    Thankyou.

    P.S: I know I could attach another adapter to the guest in NAT or bridged mode in scenario 3 but I would like to know if it is possible to configure pfsense to route internet to internal network as well as host.



  • Thank you for replying allpoints.
    I think I might not have been able to explain my dilemma properly.I do know that internal network works as a separate lan with the VMs connected via a switch like function of the virtualbox.
    In 3) I don't have any problem connecting the pfsense VM to the internet as it is the one dialing the pppoe connection.The host having an internet connection via pfsense VM is a proof of that.
    I have read that you can connect a switch to router.I just don't know the steps involved in doing so ,i.e connecting the internal network VMs to the pfsense VM and providing internet connection to them through it, but I would love to learn how to.As I said before I am kind of person who understands concepts by doing them.Hope this helps.Please do let me know if you need anything else.
    Once again thank you for taking out some precious time of yours for reading this incredibly long post (which I apologize for) and replying to it.

    Wtf where did the post from allpoints go.I swear I did see it posted as a reply to my thread and hence replied.Wierd.



  • @devaj:

    Thank you for replying allpoints.
    I think I might not have been able to explain my dilemma properly.I do know that internal network works as a separate lan with the VMs connected via a switch like function of the virtualbox.
    In 3) I don't have any problem connecting the pfsense VM to the internet as it is the one dialing the pppoe connection.The host having an internet connection via pfsense VM is a proof of that.
    I have read that you can connect a switch to router.I just don't know the steps involved in doing so ,i.e connecting the internal network VMs to the pfsense VM and providing internet connection to them through it, but I would love to learn how to.As I said before I am kind of person who understands concepts by doing them.Hope this helps.Please do let me know if you need anything else.
    Once again thank you for taking out some precious time of yours for reading this incredibly long post (which I apologize for) and replying to it.

    Wtf where did the post from allpoints go.I swear I did see it posted as a reply to my thread and hence replied.Wierd.

    Sorry to delete the post after you had seen it.  :P

    My suggestion for connectivity in 3) was to create another Host Only nic on the pfSense VM, because VBox intnet nics aren't supposed to be accessible from the Host.
    But then that didn't seem right. And then the phone rang…



  • Come to think of it, I don't really know what would be considered best practice for deploying pfSense on a Type 2 virtualizer as a primary firewall.

    I'm going to start another thread asking just that.

    http://forum.pfsense.org/index.php/topic,53469.0.html


Log in to reply