Den mandag den 4. september 2017 kl. 13.11.49 UTC skrev Mark Eubanks: > On Monday, September 4, 2017 at 8:15:29 AM UTC-4, Mark Eubanks wrote: > > I have created a NETVM and I have connect the usb nic to the vm and is > > working. It shows up in Connection manager and I can give it a static IP . > > So I've also connected a different physical laptop with a cross over cable > > to the usb nic going to the NETVM. Both nics are on the same network and I > > can ping from the NETVM to the physical but I don't get a reply from the > > NETVM. I can see both in both arp tables . Any ideas why the physical > > doesn't get a reply? > > I agree it sounds like a firewall but I see that it shows allow imcp traffic. > What I'm trying to do is make Qubes a passthrough firewall.. so I need 2 nics > on the laptop
Apologies for late reply, had a short leave for work. I'm not the most knowledgeable on this topic, especially the Qubes firewalls. However I believe NetVM must have a default firewall too, to block unauthorized requests, otherwise it would be quite simple and too easy to attack the NetVM. So it seems to me that the NetVM has a default firewall, (routor firewall behavior like), blocking unauthorized incoming signals. To solve that (Assuming it is indeed the problem), I believe https://www.qubes-os.org/doc/firewall/ might be quite helpful, down in the port forwarding section. Here it seems you should be able to poke a hole for your connection in the NetVM. You separated all this from your other networks right? As far as I know, it should be secure enough if this has no internet connection, while on a separate Qubes network. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/6df991c3-63e4-46c6-9876-d6274715f055%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.