
Virtual machine and UTM on Vlans possible?

Is there any way to have my UTM running on my PC, which could run Hyper-V or other, then create virtual adapters eth0 and eth1, one on the LAN IP range and the other on a private VLAN set by my DD-WRT router?

The PC is too far away from my cable router (currently in modem-only mode, going to a DD-WRT router).

This thread was automatically locked due to age.
  • I don't think so


  • I think technically you can spin up a virtual machine to run the firewall on, but we need more details on what you're connecting where. Can you elaborate further?

  • Yeah, so my virtual machine is in the shed, away from the house and router.

    I've got DD-WRT as a router interface.

    My router is simply set up as the main gateway, DHCP and DNS reference (which fires off to OpenDNS) - I'd ideally like my lapds laptop and phone to go to my UTM first before returning to the router/internet.

    Without physically plugging in a cable to the router, can this be done?

    Thanks

  • Yes it can be done using Windows' client Hyper-V, but it will be far from ideal.

    What you will need to do is install UTM as a Hyper-V guest and set up 2 NICs (one internal, one external). The external needs to be bridged to the physical connection using an external vswitch (which in turn connects to your current router).

    The other NIC needs to be connected to an internal vswitch (which can communicate with the Hyper-V NIC inside your laptop, which will automatically be created in this setup). This NIC should then point to the UTM's internal IP address as a gateway.

    However, once your UTM virtual machine (inside your own Windows setup) is down, your laptop won't be able to connect to the internet.

    Another challenge is connecting your phone to this setup. For this to work, you'll need at least 2 physical NICs (or use VLANs and a VLAN-capable switch) so you can set up a second external vswitch on another VLAN on the same physical NIC of your laptop. You can then connect an access point to this switch for your phone to connect to.

    That it can be done does not mean I can advise you to use this kind of setup as "production" even at home. You are creating a complex virtual setup based on a client Hyper-V machine that has to be ON at all times and when it crashes no other devices will have internet access.


    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.
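
The Hyper-V layout described in the reply above, as an added PowerShell example that is not part of the original thread. The VM name, adapter name, addresses and VLAN ID are constructed assumptions; for the phone VLAN it tags a third guest adapter on the same external vswitch, which is this example's choice.

```powershell
# Added example with constructed values; adjust to your environment.
# Run elevated on the Hyper-V host, with the UTM guest powered off.
$vmName    = 'UTM'            # assumed name of an existing Hyper-V guest
$physNic   = 'Ethernet'       # assumed name of the host's physical adapter
$extSwitch = 'UTM-External'   # hypothetical switch names
$intSwitch = 'UTM-Internal'
$utmLanIp  = '192.168.50.1'   # assumed address of the UTM internal interface
$hostLanIp = '192.168.50.10'  # assumed host address on the internal switch
$phoneVlan = 20               # assumed VLAN ID on the VLAN-capable switch

# External vswitch bridged to the physical NIC (uplink to the current router).
# -AllowManagementOS $false gives the host no vNIC on this switch, so host
# traffic cannot go around the UTM straight out of the physical adapter.
New-VMSwitch -Name $extSwitch -NetAdapterName $physNic -AllowManagementOS $false

# Internal vswitch; Hyper-V creates the host adapter "vEthernet (UTM-Internal)".
New-VMSwitch -Name $intSwitch -SwitchType Internal

# Two guest NICs: one external (WAN side), one internal (LAN side).
Add-VMNetworkAdapter -VMName $vmName -Name 'WAN' -SwitchName $extSwitch
Add-VMNetworkAdapter -VMName $vmName -Name 'LAN' -SwitchName $intSwitch

# Point the host at the UTM's internal address as its default gateway.
# Using the UTM for DNS assumes it is configured to answer DNS queries.
$hostIf = "vEthernet ($intSwitch)"
New-NetIPAddress -InterfaceAlias $hostIf -IPAddress $hostLanIp `
    -PrefixLength 24 -DefaultGateway $utmLanIp
Set-DnsClientServerAddress -InterfaceAlias $hostIf -ServerAddresses $utmLanIp

# Phone network: a third guest NIC on the external switch in access mode,
# so its frames leave the physical NIC tagged with the phone VLAN.
Add-VMNetworkAdapter -VMName $vmName -Name 'LAN-VLAN' -SwitchName $extSwitch
Set-VMNetworkAdapterVlan -VMName $vmName -VMNetworkAdapterName 'LAN-VLAN' `
    -Access -VlanId $phoneVlan

# Verify: per-adapter VLAN mode, and that the only default route on the
# host has the UTM as next hop (any other next hop is a bypass path).
Get-VMNetworkAdapterVlan -VMName $vmName
Get-NetRoute -DestinationPrefix '0.0.0.0/0' |
    Select-Object InterfaceAlias, NextHop
```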

  • So to clarify, you don't want UTM to handle the NAT between your modem and LAN, but rather you want to use UTM's web filtering?

    I'm sure this can be done somehow. Not sure how web filtering is implemented on the same subnet. Maybe as a proxy?

    Or are you looking to implement UTM into a VM environment?

    How many physical interfaces does the VM host have? I can sort of visualize doing it with 1 NIC with multiple tagged VLANs. You would of course need something further upstream that will convert the tagged to untagged unless your modem can be configured to use a VLAN.

    My current setup is UTM under ESXi. I've got 5 ports on the box but am only using 2 at the moment. The port assigned as WAN is in I/O passthrough mode, the LAN port is vmxnet (virtual mapped to physical). All works relatively well.