11-19-2022 10:59 AM
I am using EVE-NG in VMWare Workstation Pro to simulate a simple network. The VM is set to use NAT. I have pnet1 set to 10.0.0.1 /16, and all traffic is routed from this network to pnet0 (management cloud interface) to allow internet access to the network. I have a simple network configured, and all devices can ping the public internet. However, they can also ping my personal router, and any devices on my personal network. Is there a way for devices in my lab to connect to the internet, but not have access to my personal network? Would I need 2 NICs for this to work?
I've included some information that might be useful. I only included lines I edited. The router is a fresh install with the only changes made listed here.
/etc/network/interfaces
# The primary network interface
iface eth0 inet manual
auto pnet0
iface pnet0 inet dhcp
pre-up ip link set dev eth0 up
bridge_ports eth0
bridge_stp off
# Cloud devices
iface eth1 inet manual
auto pnet1
iface pnet1 inet static
bridge_ports eth1
bridge_stp off
address 10.0.0.1
netmask 255.255.255.0
iptables -L -nv -t nat
Chain POSTROUTING (policy ACCEPT 49 packets, 2956 bytes)
pkts bytes target prot opt in out source destination
0 0 MASQUERADE all -- * pnet0 10.0.0.0/24 0.0.0.0/0
Router Configuration
ip dhcp excluded-address 172.168.0.1
ip dhcp pool 1
network 172.168.0.0 255.255.0.0
default-router 172.168.0.1
dns-server 172.168.0.1
interface Ethernet0/0
ip address 10.0.0.2 255.255.0.0
ip nat outside
ip virtual-reassembly in
duplex auto
interface Ethernet0/1
ip address 172.168.0.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
duplex auto
ip dns server
ip nat inside source list 100 interface Ethernet0/0 overload
ip route 0.0.0.0 0.0.0.0 10.0.0.1
access-list 100 permit ip 172.168.0.0 0.0.255.255 any
Topology
Solved! Go to Solution.
11-19-2022 11:20 AM
Is there a way for devices in my lab to connect to the internet, but not have access to my personal network?
From your Lab you like to connect, one of the router internets needs to be in the Cloud0 interface eve-ng and do NAT as you did.
PNET1 is local network.
example :
If you do not like your lab network like to communicate other networks you need to create an ACL for that.
You like to have Pnet1 to be used - then you need to have one more router need to be part of Cloud0 example :
R1-----PNET1---(INET - add another router IOL) ---Cloud
INET Router Gig1 will be on PNET1 and Gig0 will be Cloud0 interface (do NAT here.)
11-19-2022 11:20 AM
Is there a way for devices in my lab to connect to the internet, but not have access to my personal network?
From your Lab you like to connect, one of the router internets needs to be in the Cloud0 interface eve-ng and do NAT as you did.
PNET1 is local network.
example :
If you do not like your lab network like to communicate other networks you need to create an ACL for that.
You like to have Pnet1 to be used - then you need to have one more router need to be part of Cloud0 example :
R1-----PNET1---(INET - add another router IOL) ---Cloud
INET Router Gig1 will be on PNET1 and Gig0 will be Cloud0 interface (do NAT here.)
11-19-2022 01:03 PM
Thank you for your help, using an ACL on the router worked perfectly. I already have internet through PNET1 by configuring the VM with an IP route to the Cloud0 interface, however I may consider trying it your way, using the two clouds and using NAT on the router. Now all devices can access the internet, but not any devices on my home network. On the router I added an ACL to interface e0/0 for inbound traffic:
interface Ethernet0/0
ip address 10.0.0.2 255.255.0.0
ip access-group block_network in
ip nat outside
ip virtual-reassembly in
duplex auto
ip access-list standard block_network
deny 192.168.1.0 0.0.0.255
permit any
12-04-2022 01:12 PM
Hi, I wanna install EVE-NG in VMware 17 pro but, I can't make connectivity with internet and my interfaces don't get IP. Would u plz tell my your configuratin? Also, I used both .ISO & .OVF formats without success. How many interfaces do u have in Virtual Network Editor and how did u config them? Also, how did u config your Network adapter in Virtual Machine settings?
Sincerely,
David
12-04-2022 02:11 PM
I use ESXi so it works as expected.
check below video for a workstation or player :
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide