Solved

Cannot connect to VM with NAT through Win firewall

Posted on 2011-09-06
19
666 Views
Last Modified: 2012-06-27
Hi,

I installed Virtualbox on a windows 2000 host. I set a windows
7 virtual machine. Everyting went fine. I also installed a Remote
PC listening software to remotely manage my VM.

My VM is connected through NAT.

The problem is that I cannot connect to the Remote PC software
 when the windows Firewall is activated. When the firewall is
inactive the connection to the remote control software installed
on the VM works perfectly.

I set a rule on my firewall that allows all incoming connections
 to this port to the machine.

I've been browsing and it seems that Windows firewall makes
something weird when it's about NAT but I don't see a solution

thanks
0
Comment
Question by:guillem2011
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 11
  • 8
19 Comments
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36488989
What remote software are you using? Some softwares require and output port to be opened as well
0
 

Author Comment

by:guillem2011
ID: 36489052
I tried with Remote administrator and RealVNC. With both the problem is the same. It only works when win firewall is off. I don't think it's a problem of the remote software.

I suppose that the solution should come on how to correctly set the firewall rules. All outbound ports are open except "File and sharing". I tried to disable the rules that block outbound "File and sharing" without success.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36489067
Here is VNC

http://kb.realvnc.com/questions/39/How+do+I+allow+VNC+through+my+firewall%3F

Why don't you use something like logmein.com this uses port 80 and it is free
0
The Ultimate Checklist to Optimize Your Website

Websites are getting bigger and complicated by the day. Video, images, custom fonts are all great for showcasing your product/service. But the price to pay in terms of reduced page load times and ultimately, decreased sales, can lead to some difficult decisions about what to cut.

 

Author Comment

by:guillem2011
ID: 36489164
I follow these settings and they work when firewall is off. THe problem is more complex: THe remote software is installed on the WM and is accepting incoming requests from NAT. NAT works when the firewall is off.

I suspect the problem may happen with any software installed on the VM that receives requests from outside through the firewall with NAT. Swithching to another remote control soft won't avoid future troubles with other software that follow the same path.

On the other side, my host is a server that needs port 80 for http. I'm also looking for safe remote control software with full encryption and Remote Admin and VNC have this feature.

I insist, I think the problem is not the software, is the firewall.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36489262
What I'm saying is logmein is the best software with the most security.

The software will not conflict with any other software using port 80

https://secure.logmein.com/welcome/access/fasteasy/16/?wt.srch=1&utpk=free%20LogMeIn&destination=/welcome/access/fasteasy/16/&originid=51123&ef_id=UbtOCgTIQVMAAAlb:20110906150235:s
0
 

Author Comment

by:guillem2011
ID: 36489296
Yes but this doesn't solve the main problem.

As I told you: "suspect the problem may happen with any software installed on the VM that receives requests from outside through the firewall with NAT. Swithching to another remote control soft won't avoid future troubles with other software that follow the same path."

and: "On the other side, my host is a server that needs port 80 for http."
0
 

Author Comment

by:guillem2011
ID: 36489315
Let's motivate a little bit. I increase 50
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36489317
Ok.

Again "On the other side, my host is a server that needs port 80 for http." that doesn't matter with logmein this will still work without issues.

Logmein doesn't need firewall ports to be opened.  So, the below will not matter as well

As I told you: "suspect the problem may happen with any software installed on the VM that receives requests from outside through the firewall with NAT. Swithching to another remote control soft won't avoid future troubles with other software that follow the same path."
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36489327
Back to the original issues you are trying to connect remotely through a router to this server or internally through a NAT address setup on VirtualBox?
0
 

Author Comment

by:guillem2011
ID: 36489360
Remotely through an internet connection. I connect to the host with the same remote control soft and it works.

From outside, the connection goes through NAT to the VM.

Internally there is no problem, I don't need any remote control soft I just do it from the virtualbox console.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36489432
From outside you can not connect, right? But when Windows firewall is turned off you can connect, right? But you can connect internally no matter what to this server with the same software without any issues
0
 

Author Comment

by:guillem2011
ID: 36489476
Two first questions a right. This is exactly what happens.

When you say "internally" what you mean?. Trying to connect to the VM from the Host? I don't need any remote desktop soft to do it internally. Virtualbox has a management console and I connect to the  VM through it.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36489635
From another computer on the servers LAN. Do you have NAT setup within Virtual Box
0
 

Author Comment

by:guillem2011
ID: 36489674
No. I have a VIsta pc. What you mean? To install VB and try to set a VM?
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36489814
No try to connect to the VM from within the same internal network the VM is on with one of the remote softwares.
0
 

Author Comment

by:guillem2011
ID: 36493627
Done. I connected from a PC between the external firewall and the host. The result is exactly the same. Only works with windows firewall off on the host.

Permanently disabling windows firewall is not an option. External and internal firewall rules are different and specific.
0
 

Author Comment

by:guillem2011
ID: 36493629
100 extra points
0
 

Accepted Solution

by:
guillem2011 earned 0 total points
ID: 36494693
Problem solved.

It was just necessary to create a new rule on windows firewall for a specific port to allow all connections and allowing edge transversal

thanks
0
 

Author Closing Comment

by:guillem2011
ID: 36521330
I found it googling
0

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Giving access to ESXi shell console is always an issue for IT departments to other Teams, or Projects. We need to find a way so that teams can use ESXTOP for their POCs, or tests without giving them the access to ESXi host shell console with a root …
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question