Firewall using one network card

[TheGuy]

Hi Guys

I'm toying with the idea of using one network card for a firewall. Now I know 99% of people would say that it's impossible but you do get something like a router on a stick. So in networking terms it should be possible.

here is my theory:

Install Hyper-V on a microserver then create 2 virtual networks and bind both to the same physical nic. Next I create a VM with 2 network cards and attach each nic to a virtual network. These virtual networks will be on separate subnets.

I do understand that you will be able to bypass the firewall if you assign yourself an IP address in the external nic subnet.

This will only be for a small home network and also to prove the theory.

can anyone see a fault in my logic before I give it a try?

 

[Tim the Techxpert]

Hi There,
I follow your theory. Maybe the empirical test will be best so do it and let us know if it works.

Regards

Tim

 

[ShawnStar]

Well, if you use two virtual network interfaces then you are not using one network interface.... so it's not a "firewall using one network card" setup this.

I have setup plenty firewalls in a vm environment for testing purposes, no issues what so ever. vlans needs to be used in and outside of the vm environment (Sometimes it's the modems etc that cannot support the vlan setup so no fault of the firewalls)

People tend to stay away from using virtual interfaces on virtual firewalls as you need to setup vlans etc and it's just not as secure that way if you don't dedicate a physical interface to your internal and external network.