I do use VMware Server as well. I've used v1 and v2 successfully with a
virtualized IPCop.
The VM host and IPCop red share a bridged nic, but the VM host is
assigned IP 0.0.0.0, so all traffic on the nic goes only to IPCop. I
picked up this method from an Untangle (the firewall) conversation
somewhere (forum I think). I'd like to know more about how/why this
works if anyone would care to explain.
Stephen wrote:
> You can virtualize your firewall. i have seen some whitepapers on
> this., but it really does mean you need a solid server and some very
> carefully constructed networking.
>
> I prefer vmware on this, because you cna chain off physical ports to
> seperate virtual machines so they cannot share ports. so firewall has
> phys port A and B, and the resto of your vms share C and D. B hooks to
> the same network as C and D but A is the outside.
>
> I have not seen this in any other virtual platform.
>
> On Mon, Apr 27, 2009 at 1:56 PM, Alex Dean <alex@crackpot.org> wrote:
>> On Apr 27, 2009, at 1:24 PM, Eric Shubert wrote:
>>
>>> Mark,
>>>
>>> I have a couple old e-machines that I made into IPCop firewall/routers,
>>> and have been decommissioned for a while (they were virtualized).
>> Do you mean you virtualized your firewall? Doesn't that create a risk that
>> other VMs on the same hardware host might be exposed to nasty stuff which
>> arrives at the firewall? I'm recalling Austin's talk on VMs & security from
>> a year or two ago.
>>
>> If I've misunderstood your statement, please disregard.
>>
>> alex
>>
--
-Eric 'shubes'
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
(text/plain)