I have encountered something very strange after virtualizing what used to be a Linux router running on an old desktop PC. For the past decade or so I have eschewed a traditional home WiFi router in favour of an old retired PC running BrazilFW. In this configuration, the repurposed PC had two network adapters... one connected to the modem, and the other to the LAN via a standard hub or switch. Originally I hung a WiFi access point off one port of the hub, but later I just used a 4 port WiFi router configured as an access point which gives me a small hub and AP in a single box.
BrazilFW is very flexible, and among other enterprise level features, it supports mapping ports on the Internet side to different ports on the LAN side. One use I put this to was to provide a different Windows Remote Desktop port for each PC on my LAN. Remote Desktop normally runs on port 3389, and although you can configure each machine to use a different port, this complicates RD access within the LAN. Instead, I mapped a series of Internet side ports to port 3389 on the various IP addresses of the LAN side devices. So, for instance, accessing port 3389 from the Internet would connect to port 3389 on my main PC at IP 192.168.1.6, while targeting port 3388 would instead go to port 3389 on my wife's PC at 192.168.1.10. This scenario is repeated with a different Internet side port for each of about 8-10 LAN side PCs. When I had BrazilFW running on real metal, this all worked perfectly. I could Remote Desktop from any PC on my LAN to any other on my LAN by specifying port 3389 and the IP of the target. From the Internet I could do the same by connecting to the IP of my router, and specifying the appropriate port I had defined for each LAN PC.
Some time ago I decided to move the BrazilFW PC into a VM running on my main LAN PC, the same one running my FTP, Web, and Subversion servers. I was extremely pleased with the result until I noticed one very frustrating issue. The virtual BrazilFW instance now runs many times faster than it did before, but now I have a problem with Remote Desktop access to my main LAN PC from the Internet. Every other connection works perfectly, I can Remote Desktop to the main PC from any other LAN side PC, and vice-versa, exactly as before. I can also Remote Desktop to any of my LAN side PCs from the Internet without difficulty, but when I try to connect to my main PC, the one with the BrazilFW VM, the connection starts up, but then freezes partway into displaying the initial screen from the host PC. I have tried this using several different laptops and desktops from the Internet side, but none of them can successfully start a Remote Desktop session from the Internet, even though doing the same with the same laptops from the LAN side works perfectly. I can only conclude that something is being garbled or timing is off as the packets come in (or maybe out) from the Internet, through the virtual BrazilFW router, passing through the LAN side network adapter in full VMware bridge mode and down into the host PC.
Here is how I virtualized BrazilFW:
My main PC has a 10/100Mb NIC for the Internet side adapter, and a Gb NIC for the LAN side. The 10/100 adapter has had all the Windows networking protocols turned off, except VMware bridging. This makes it effectively invisible to everything except the VM, which protects the host PC and the rest of the LAN from Internet based intrusion. As far as the host PC is concerned, the NIC doesn't exist, but to the BrazilFW VM, it does. The Gb NIC on the LAN side has ALL the protocols enabled, except IPv6. VMware bridging IS enabled on this NIC too. This allows the host PC and all the other LAN side PCs to see the VM virtual NIC at 192.168.1.1, and the hardware NIC on the host PC at 192.168.1.6.
In every respect except the one described above, this virtual setup behaves exactly like the old hardware one did, but with much higher performance. In particular, all the servers I have running on the host PC on 192.168.1.6 are accessible from the Internet via the firewall in the virtual BrazilFW router. It is just the Windows Remote Desktop server running on the host that doesn't seem to be able to traverse all the virtual and physical NICs and virtual router properly.
As a test, I disabled all protocols on the LAN side NIC, except VMware bridging, added a new virtual network with only a host-only adapter connection to the host PC, hooked the virtual router LAN side NIC to the host-only network, and then used Windows NIC bridging to connect the host-only virtual adapter to the Gb physical adapter and VM LAN side NIC rather than use VMware bridging, but the behaviour was exactly the same. Everything worked perfectly except using Remote Desktop to the host PC from the Internet.
Sorry for the long-winded explanation, but I wanted to avoid lots of guesses and suggestions for things I've already tried. I'm hoping that someone might have an idea what is going on here.
Incidentally, my host PC supports full hardware virtualization.