The case: You have multiple virtual machines that you don’t want to expose directly to the internet and you prefer routing them through a single virtual machine. This is also handy if you are short on IPs. Our case is OVH specific and it will give you a guide on how to set things up on OVH weird network topology. Reason why we use ipcop instead of pfsense is because pfsense doesn’t support a 32bit net mask. No matter what i’ve tried i could get it to work with a 32 bit netmask and gateway on separate network. So IpCop was the next best thing and it does the job quite well.
Login to your Vsphere client and go to Configuration -> Networking.
On Network Access select “Create a vSphere standard switch” without select any vmnic .
Proceed to Connection Settings and name your new nic under “Network Label” . “Vlan ID” select None.
Proceed on creating a new VM including both NICs the one that you just created and the one that connects you to the outside world.
Then move on with standard installation of IPcop. Keep in mind that your RED network will be the one connecting outside and the GREEN one will be your internal nat network. If you are not sure of the network settings while installing proceed and will edit network config later on anyways.
After installation login to the machine and now let’s edit the files needed for proper networking under OVH routers.
DEFAULT_GATEWAY=Dedicated Server IP but end in .254 DNS2=18.104.22.168 DNS1=22.214.171.124 RED_1_NETADDRESS=IP Failover RED_1_NETMASK=255.255.255.255 RED_1_ADDRESS=IP Failover RED_1_BROADCAST=IP Failover GREEN_1_NETADDRESS=192.168.1.0 GREEN_1_NETMASK=255.255.255.0 GREEN_1_ADDRESS=192.168.1.1 GREEN_1_MAC=Your Virtual Mac Address GREEN_1_DRIVER=pcnet32 GREEN_1_OPTIONS= GREEN_1_DEV=lan-1 RED_1_MAC=Your Virtual Mac Address RED_1_DRIVER=pcnet32 RED_1_OPTIONS= RED_1_DEV=wan-1 RED_1_TYPE=STATIC ORANGE_COUNT=0 BLUE_COUNT=0 RED_COUNT=1 GREEN_COUNT=1
#!/bin/sh route add Dedicated Server IP but end in .254 dev wan-1 route add default gw Dedicated Server IP but end in .254
Reboot and you are done! You can now login to the web interface under https://192.168.1.1:8443