If i got it, you could try to configure your VMs as below:
For example, let’s say your setup has three VMs:
- Pfsense (PF/Suricata)
- CentOS (Apache)
- Window Server (Some kind of java app)
Pfsense with 2 NICs configured on VirtualBox network settings
1 NIC (bridge mode) with your Internet IP address
2 NIC (internal network) with an isolated network address
CentOS/Windows Server with 1 NIC each configured on VirtualBox network settings
1 NIC (internal network) with the same isolated network as above.
Now you can use Pfsense VM as a firewall and configure Suricata in IPS mode to project the traffic between your CentOS/Windows Server VMs and external side.
I don’t really know if this is what you’re looking for but i’ve tried this solution but just as a lab for practices purposes.