I’m able to do networking between qubes following instruction with same Net-VM. However now I have different setup and wanted to have access to resources of another qube.
I’ve got 2 qubes each of them connected to separate WG-VPN:
VM1->VPN1->Internet
VM2->VPN2->Internet
I’m looking for a way to access database which can be located in any of the qubes, however need to keep everything else go to the internet.
Is there any way to accomplish this locally without putting my database in the cloud?
Update: if anyone have similar needs, forwarding individual port using connectTCP worked out perfectly.
Of course. You can use qrexec to pass data between the qubes. You already do this every time you update your qubes - they are not
linked by a common netvm but use a qrexec service to pass data to and
from the qubes.
There is qubes.ConnectTCP existing, which you could use, or you can
define a custom service - I do this for syncthing between qubes - look
at github.com/unman/shaker/syncthing for the detail. If you do this you
can define a policy file to allow/deny interactions between qubes -
always a good thing.
I never presume to speak for the Qubes team.
When I comment in the Forum I speak for myself.
@Atrate@unman
Thank you so much guys. Seems like connectTCP works perfectly for my needs by forwarding database port. I’ve never used connectTCP before now. It’s nice to have database service in 1 location rather than in each individual VM, yet having own Net-VM for outside world on each AppVM.