Hi community!
I have the following task and unfortunately still can’t find a solution.The host system is Debian with 1.19 OMV connected to my home LAN (router). I’m using Virtualbox plugin and have an Ubuntu server as a guest.So what I want is that the Guest machine will have an access to internet (e.g. that I can access it remotely via SSH) but no access to a physical home LAN (to avoid security issues if someone will hack the guest machine from outside).
What I tried so far is:
- My OMV host system is in the LAN with IP: 192.168.172.31
- My guest machine is configured for NAT and has an IP: 10.0.2.15 (mask 255.255.255.0)
- Thanks to ports forwarding I’ve setup a channel to reach the guest machine from internet via SSH: WAN-> router -> host OMV with vbox plugin -> guest OS. It works without issues.
Problem: I still can ping from my guest OS any other computer within the physical LAN, e.g. “ping 192.168.172.25” will successfully ping other computer on physical LAN.
I do not understand why it is happening. According to my understanding there should be somewhere a gateway which is allowing the guest OS to reach another network. But I do not know if this idea is fully correct.
I can’t isolate the whole physical OMV machine into other network (e.g. by using other router) as it is my central NAS system in the LAN. So I want isolate only the guest OS.
Can you please suggest me a solution? I’ve tried to search for it but with no luck. Thanks in advance!