I often come across one particular problem when working on my Pen network, No internet connection for Kali Linux. Yes, a simple solution available like use dual nic card and do Nat, but I do not want to expose VMs in pen network to the internet directly. hence this solution
The Idea: Using PFsense firewall to perform NAT for pen network and use it as a gateway for all VMS inside pen network will give me the ability to use only one Nic card on each internal VM and also internet network is constantly available.
Advantage: All VMs stays inside the internal network. you can turn off the firewall in a windows machine and still block access to VM from internet using firewall. but for Internal network you will have full freedom to take down firewall, update windows, test AV evading techniques and much more without compromising security since traffic flows through the firewall.
Download pfsense firewall from official website, deploy with two NIC interfaces one doing NAT , this will be internet WAN interface, another one is internal only network. Following is image of internal network NIC configuration.
Pfsense interfaces configuration will be em0 interface is auto NAT and em1 is private network configuration i.e static and IP address will be 10.10.10.1 with subnet mask 24. This will also be our default gateway for windows and kali
Some recommendations are to keep web configurator to the local area network. use a strong password, enable secure shell, disable DHCP on local area network.
Windows and Kali Linux
Both these VM’s will only have one Network adapter and it will be internal only. static IP address of our likes can be configured along google DNS 22.214.171.124
Windows IP Configuration
Thats all, once settings are completed just restart everything and use internet in pen network. any firewall configurations you need can be configured on pfsense. if you want to turn internet off just turn off pfsense VM and they still stay in internal network with out internet access. simple yet powerful solution.