Initial situation
I need to share internet between two VMware images that work within a host-only network, where one host would be a server and the other a client.
I'm working with VMware Workstation and have two kinds of virtual networks:
- VMnet4:
  - Type: Host-only
  - Subnet IP: 192.168.237.0/24
- VMnet8:
  - Type: NAT
  - Subnet IP: 192.168.56.0/24
  - Gateway IP: 192.168.56.1
  - PC's IP in the context of the VMnet8 network is 192.168.56.5
With these virtual networks I have two hosts with the following configurations:
1. KaliLinux 2019.3:
ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:b5:bd:69 brd ff:ff:ff:ff:ff:ff
inet 192.168.56.10/24 brd 192.168.56.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:feb5:bd69/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:b5:bd:73 brd ff:ff:ff:ff:ff:ff
inet 192.168.237.1/24 brd 192.168.237.255 scope global eth1
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:feb5:bd73/64 scope link
valid_lft forever preferred_lft forever
ip route
default via 192.168.56.1 dev eth0 onlink
192.168.56.0/24 dev eth0 proto kernel scope link src 192.168.56.10
192.168.237.0/24 dev eth1 proto kernel scope link src 192.168.237.1
iptables rules
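#!/bin/bash
# Interfaces and addresses of the gateway VM
outer_interface=eth0
inner_interface=eth1
inner_subnet=192.168.237.0/24
internet_ip=192.168.56.10
# Flush existing rules and delete user-defined chains
sudo iptables -F
sudo iptables -t nat -F
sudo iptables -t mangle -F
sudo iptables -X
# Allow forwarding between the inner subnet and the outer interface, drop everything else
sudo iptables -A FORWARD -i $inner_interface -o $outer_interface -s $inner_subnet -j ACCEPT
sudo iptables -A FORWARD -i $outer_interface -o $inner_interface -d $inner_subnet -j ACCEPT
sudo iptables -P FORWARD DROP
# Rewrite the source address of outbound traffic from the inner subnet
sudo iptables -t nat -A POSTROUTING -s $inner_subnet -o $outer_interface -j SNAT --to-source $internet_ip
# Enable IPv4 forwarding in the kernel
echo 1 > /proc/sys/net/ipv4/ip_forward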
2. Ubuntu Desktop 18.04 - as a client
ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default glen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.8.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default glen 1000
link/ether 00:0c:29:66:6c:4a brd ff:ff:ff:ff:ff:ff
inet 192.168.237.2/24 brd 192.168.237.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe66:6c4a/64 scope link
valid_lft forever preferred_lft forever
ip route
default via 192.168.237.1 dev ens33 proto static metric 20100
169.254.0.0/16 dev ens33 scope link metric 1000
192.168.237.0/24 dev ens33 proto kernel scope link src 192.168.237.2 metric 100
Problem
With the configuration specified above I can't access the Internet from the Ubuntu client.
Question
What am I doing wrong? Is my configuration correct? What do I need to do with my configuration?
internet_ip should be 192.168.56.10, not 192.168.56.1
192.168.237.1? If so check the counters of iptables -nvL FORWARD. (internet_ip should definitely be the IP assigned to outer_interface btw, if it isn't always gonna be the same, use MASQUERADE instead of SNAT.) For the record, I know nothing about vmware, no idea if it prevents anything.
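
The checks suggested in the comments above (is the SNAT address really assigned to the outer interface, and what do the FORWARD counters show), plus a check of the ip_forward switch the script writes to, as an added example that is not part of the original thread. The function names, verdict strings and sample command output are constructed for illustration.

```shell
#!/bin/bash
# Added example, not from the original post. Sample outputs are constructed;
# on the gateway, feed the functions the real command output instead.

# Succeeds if IPv4 forwarding is on. $1 is the sysctl file (default: the real one).
forwarding_enabled() {
    [ "$(cat "${1:-/proc/sys/net/ipv4/ip_forward}")" = "1" ]
}

# Succeeds if address $1 is assigned to interface $2.
# stdin: output of `ip -o -4 addr show`
snat_ip_on_iface() {
    awk -v ip="$1" -v dev="$2" '
        $2 == dev && $3 == "inet" { split($4, a, "/"); if (a[1] == ip) ok = 1 }
        END { exit !ok }'
}

# Classifies the FORWARD packet counters for inner interface $1, outer $2.
# stdin: output of `iptables -nvL FORWARD`
forward_verdict() {
    awk -v in_if="$1" -v out_if="$2" '
        $3 == "ACCEPT" && $6 == in_if  && $7 == out_if { up = $1 }
        $3 == "ACCEPT" && $6 == out_if && $7 == in_if  { down = $1 }
        END {
            if (up == "" || down == "") print "rule-missing"
            else if (up == "0")         print "nothing-forwarded"
            else if (down == "0")       print "no-replies"
            else                        print "both-directions"
        }'
}

# Constructed sample of `ip -o -4 addr show` on the gateway VM
SAMPLE_ADDR='2: eth0    inet 192.168.56.10/24 brd 192.168.56.255 scope global eth0
3: eth1    inet 192.168.237.1/24 brd 192.168.237.255 scope global eth1'

# Constructed sample of `iptables -nvL FORWARD` after a ping from the client
SAMPLE_FORWARD='Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
   12   840 ACCEPT     all  --  eth1   eth0    192.168.237.0/24     0.0.0.0/0
    0     0 ACCEPT     all  --  eth0   eth1    0.0.0.0/0            192.168.237.0/24'

printf '%s\n' "$SAMPLE_ADDR" | snat_ip_on_iface 192.168.56.10 eth0 && echo "SNAT address is on eth0"
printf '%s\n' "$SAMPLE_FORWARD" | forward_verdict eth1 eth0   # prints: no-replies
```

A no-replies verdict means packets leave through the outer interface but nothing matching the return rule comes back, so the SNAT rule or the upstream network is the place to look rather than the client.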