Without seeing your network topology, not much can be said.
By default, libvirt sets up a bridge named
virbr0, runs a DHCP server (dnsmasq) and arranges for NAT. Again by default, VMs are connected to
virbr0 and get an IP address from a range like 192.168.124.1/24 (that's the range on my PC). Thanks to NAT, they can dial out, and they can be reached from the virtualization host.
Instead of this default NAT arrangement, you can create your own bridge, plug the virtualization host's NIC into the bridge and tell libvirt to use this bridge for connecting the VMs.
Something like this:
Code:
VM1 VM2
| |
Your bridge
|
eth0
|
The Internet
In this case, VMs are connected to the same network as that NIC, and it's your responsibility to provide an IP address to VMs, either by configuring static addresses on the VMs or by running your own DHCP server.
If you use the virtmanager wizard to create a new VM, step 5 has an option
Network Selection. The attached screenshot shows the networking options on my PC; the first one,
br1, is such a bridge.
Virtual network 'default': NAT is
virbr0.
My suggestion: Ensure that VMs can be networked at all, using NAT or your own bridge. Once you have an understanding how that works, approach the VPN question.