?
Solved

Cannot connect to VM with NAT through Win firewall

Posted on 2011-09-06
19
Medium Priority
?
670 Views
Last Modified: 2012-06-27
Hi,

I installed Virtualbox on a windows 2000 host. I set a windows
7 virtual machine. Everyting went fine. I also installed a Remote
PC listening software to remotely manage my VM.

My VM is connected through NAT.

The problem is that I cannot connect to the Remote PC software
 when the windows Firewall is activated. When the firewall is
inactive the connection to the remote control software installed
on the VM works perfectly.

I set a rule on my firewall that allows all incoming connections
 to this port to the machine.

I've been browsing and it seems that Windows firewall makes
something weird when it's about NAT but I don't see a solution

thanks
0
Comment
Question by:guillem2011
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 11
  • 8
19 Comments
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36488989
What remote software are you using? Some softwares require and output port to be opened as well
0
 

Author Comment

by:guillem2011
ID: 36489052
I tried with Remote administrator and RealVNC. With both the problem is the same. It only works when win firewall is off. I don't think it's a problem of the remote software.

I suppose that the solution should come on how to correctly set the firewall rules. All outbound ports are open except "File and sharing". I tried to disable the rules that block outbound "File and sharing" without success.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36489067
Here is VNC

http://kb.realvnc.com/questions/39/How+do+I+allow+VNC+through+my+firewall%3F

Why don't you use something like logmein.com this uses port 80 and it is free
0
Ransomware Attacks Keeping You Up at Night?

Will your organization be ransomware's next victim?  The good news is that these attacks are predicable and therefore preventable. Learn more about how you can  stop a ransomware attacks before encryption takes place with our Ransomware Prevention Kit!

 

Author Comment

by:guillem2011
ID: 36489164
I follow these settings and they work when firewall is off. THe problem is more complex: THe remote software is installed on the WM and is accepting incoming requests from NAT. NAT works when the firewall is off.

I suspect the problem may happen with any software installed on the VM that receives requests from outside through the firewall with NAT. Swithching to another remote control soft won't avoid future troubles with other software that follow the same path.

On the other side, my host is a server that needs port 80 for http. I'm also looking for safe remote control software with full encryption and Remote Admin and VNC have this feature.

I insist, I think the problem is not the software, is the firewall.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36489262
What I'm saying is logmein is the best software with the most security.

The software will not conflict with any other software using port 80

https://secure.logmein.com/welcome/access/fasteasy/16/?wt.srch=1&utpk=free%20LogMeIn&destination=/welcome/access/fasteasy/16/&originid=51123&ef_id=UbtOCgTIQVMAAAlb:20110906150235:s
0
 

Author Comment

by:guillem2011
ID: 36489296
Yes but this doesn't solve the main problem.

As I told you: "suspect the problem may happen with any software installed on the VM that receives requests from outside through the firewall with NAT. Swithching to another remote control soft won't avoid future troubles with other software that follow the same path."

and: "On the other side, my host is a server that needs port 80 for http."
0
 

Author Comment

by:guillem2011
ID: 36489315
Let's motivate a little bit. I increase 50
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36489317
Ok.

Again "On the other side, my host is a server that needs port 80 for http." that doesn't matter with logmein this will still work without issues.

Logmein doesn't need firewall ports to be opened.  So, the below will not matter as well

As I told you: "suspect the problem may happen with any software installed on the VM that receives requests from outside through the firewall with NAT. Swithching to another remote control soft won't avoid future troubles with other software that follow the same path."
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36489327
Back to the original issues you are trying to connect remotely through a router to this server or internally through a NAT address setup on VirtualBox?
0
 

Author Comment

by:guillem2011
ID: 36489360
Remotely through an internet connection. I connect to the host with the same remote control soft and it works.

From outside, the connection goes through NAT to the VM.

Internally there is no problem, I don't need any remote control soft I just do it from the virtualbox console.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36489432
From outside you can not connect, right? But when Windows firewall is turned off you can connect, right? But you can connect internally no matter what to this server with the same software without any issues
0
 

Author Comment

by:guillem2011
ID: 36489476
Two first questions a right. This is exactly what happens.

When you say "internally" what you mean?. Trying to connect to the VM from the Host? I don't need any remote desktop soft to do it internally. Virtualbox has a management console and I connect to the  VM through it.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36489635
From another computer on the servers LAN. Do you have NAT setup within Virtual Box
0
 

Author Comment

by:guillem2011
ID: 36489674
No. I have a VIsta pc. What you mean? To install VB and try to set a VM?
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36489814
No try to connect to the VM from within the same internal network the VM is on with one of the remote softwares.
0
 

Author Comment

by:guillem2011
ID: 36493627
Done. I connected from a PC between the external firewall and the host. The result is exactly the same. Only works with windows firewall off on the host.

Permanently disabling windows firewall is not an option. External and internal firewall rules are different and specific.
0
 

Author Comment

by:guillem2011
ID: 36493629
100 extra points
0
 

Accepted Solution

by:
guillem2011 earned 0 total points
ID: 36494693
Problem solved.

It was just necessary to create a new rule on windows firewall for a specific port to allow all connections and allowing edge transversal

thanks
0
 

Author Closing Comment

by:guillem2011
ID: 36521330
I found it googling
0

Featured Post

Four New Appliances. Same Industry-leading Speeds.

But don't take it from us.  The Firebox M370 is Miercom tested and Miercom approved, outperforming its competitors for stateless and stateful traffic throughput scenarios.  Learn more about the M370, M470, M570 and M670 and find the right solution for your organization today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
Is your company's data protection keeping pace with virtualization? Here are 7 dynamic ways to adapt to rapid breakthroughs in technology.
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
Suggested Courses
Course of the Month13 days, 17 hours left to enroll

800 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question