I have laptop with a 2 port NIC. I would like to have 1 subset of appVMs that are connected to sys-net to use the eth0 interface and the other subset to use the eth1 interface. It is not possible to assign 1 port into seperate sys-nets. I have tried that and only eth0 will function. Its also my understanding that eth0 is the interface used between qubes. ( is this wrong? ) If so would this prevent me from using iptables in firewall-vm1 to block traffic to the eth0 interface. That would block traffic to sys-net as well (I think). The only solution I have come up with would be to go to dom0 GUI --> appvm1---> edit VM firewall rules ---> allow networks except 172.16.1.1/24 . This would not block traffic to the eth0 interface but it would prevent if from going any further than the 172.16.1.1 pfsense interface. Then I could do the same for firewall-vm0 and block it from the 192.168.1.1 pfsense interface. Is there a better way to do this with iptables. pfsense-----192.168.1.1/24------------eth1--------firewall-vm1--------appvm1 sys-net pfsense-----172.16.1.1/24--------------eth0--------firewall-vm0--------VPN/proxyvm--------appvm0
Thanks in advance Essax Sent with [ProtonMail](https://protonmail.com) Secure Email. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/yQ0Xt5URRed9eRoNFHjZy4TXx4hBIxcnQPtCMQhJu9epRY0cI_3O6_oS-WPZBl5CzDwlbYjIxwlREimUVjbGEKbQJdXKA2y9fartzH5VHAg%3D%40protonmail.com. For more options, visit https://groups.google.com/d/optout.
