I’ve been trying to route a Windows AppVM traffic through a custom proxyVM without much success.
It is a standard Windows ISO without much changes. DHCP is disabled, and all network settings is manually inputted correctly.
The proxyVM is a basic service netVM using (qubes-firewall) and basic hardening on …/qubes-firewall-user-script
The problem I am facing is that Windows doesn’t understand it is on qubes architecture and is sending ARP requests to the proxyVM which I confirmed are being recieved, but ignored since the proxyVM does not know what to do with these requests.
I have attempted to setup ipv4 forwarding rules and basic arp request rules without any success.
The only workaround I have found is to set the proxyVM as the NetVM in the qubes-manager GUI but in the actual windows settings, to set the gateway as the IP of sys-whonix, instead of the actual proxyVM. This results in sys-whonix forwarding to the proxyVM but this also has another issue, which is it builds up lots of zombie packets in the proxyVM leading to crashes and disconnects.
Any ideas folks? Guidance would be much appreciated.