Solved

Cannot connect to VM with NAT through Win firewall

Posted on 2011-09-06
19
652 Views
Last Modified: 2012-06-27
Hi,

I installed Virtualbox on a windows 2000 host. I set a windows
7 virtual machine. Everyting went fine. I also installed a Remote
PC listening software to remotely manage my VM.

My VM is connected through NAT.

The problem is that I cannot connect to the Remote PC software
 when the windows Firewall is activated. When the firewall is
inactive the connection to the remote control software installed
on the VM works perfectly.

I set a rule on my firewall that allows all incoming connections
 to this port to the machine.

I've been browsing and it seems that Windows firewall makes
something weird when it's about NAT but I don't see a solution

thanks
0
Comment
Question by:guillem2011
  • 11
  • 8
19 Comments
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36488989
What remote software are you using? Some softwares require and output port to be opened as well
0
 

Author Comment

by:guillem2011
ID: 36489052
I tried with Remote administrator and RealVNC. With both the problem is the same. It only works when win firewall is off. I don't think it's a problem of the remote software.

I suppose that the solution should come on how to correctly set the firewall rules. All outbound ports are open except "File and sharing". I tried to disable the rules that block outbound "File and sharing" without success.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36489067
Here is VNC

http://kb.realvnc.com/questions/39/How+do+I+allow+VNC+through+my+firewall%3F

Why don't you use something like logmein.com this uses port 80 and it is free
0
 

Author Comment

by:guillem2011
ID: 36489164
I follow these settings and they work when firewall is off. THe problem is more complex: THe remote software is installed on the WM and is accepting incoming requests from NAT. NAT works when the firewall is off.

I suspect the problem may happen with any software installed on the VM that receives requests from outside through the firewall with NAT. Swithching to another remote control soft won't avoid future troubles with other software that follow the same path.

On the other side, my host is a server that needs port 80 for http. I'm also looking for safe remote control software with full encryption and Remote Admin and VNC have this feature.

I insist, I think the problem is not the software, is the firewall.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36489262
What I'm saying is logmein is the best software with the most security.

The software will not conflict with any other software using port 80

https://secure.logmein.com/welcome/access/fasteasy/16/?wt.srch=1&utpk=free%20LogMeIn&destination=/welcome/access/fasteasy/16/&originid=51123&ef_id=UbtOCgTIQVMAAAlb:20110906150235:s
0
 

Author Comment

by:guillem2011
ID: 36489296
Yes but this doesn't solve the main problem.

As I told you: "suspect the problem may happen with any software installed on the VM that receives requests from outside through the firewall with NAT. Swithching to another remote control soft won't avoid future troubles with other software that follow the same path."

and: "On the other side, my host is a server that needs port 80 for http."
0
 

Author Comment

by:guillem2011
ID: 36489315
Let's motivate a little bit. I increase 50
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36489317
Ok.

Again "On the other side, my host is a server that needs port 80 for http." that doesn't matter with logmein this will still work without issues.

Logmein doesn't need firewall ports to be opened.  So, the below will not matter as well

As I told you: "suspect the problem may happen with any software installed on the VM that receives requests from outside through the firewall with NAT. Swithching to another remote control soft won't avoid future troubles with other software that follow the same path."
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36489327
Back to the original issues you are trying to connect remotely through a router to this server or internally through a NAT address setup on VirtualBox?
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 

Author Comment

by:guillem2011
ID: 36489360
Remotely through an internet connection. I connect to the host with the same remote control soft and it works.

From outside, the connection goes through NAT to the VM.

Internally there is no problem, I don't need any remote control soft I just do it from the virtualbox console.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36489432
From outside you can not connect, right? But when Windows firewall is turned off you can connect, right? But you can connect internally no matter what to this server with the same software without any issues
0
 

Author Comment

by:guillem2011
ID: 36489476
Two first questions a right. This is exactly what happens.

When you say "internally" what you mean?. Trying to connect to the VM from the Host? I don't need any remote desktop soft to do it internally. Virtualbox has a management console and I connect to the  VM through it.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36489635
From another computer on the servers LAN. Do you have NAT setup within Virtual Box
0
 

Author Comment

by:guillem2011
ID: 36489674
No. I have a VIsta pc. What you mean? To install VB and try to set a VM?
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36489814
No try to connect to the VM from within the same internal network the VM is on with one of the remote softwares.
0
 

Author Comment

by:guillem2011
ID: 36493627
Done. I connected from a PC between the external firewall and the host. The result is exactly the same. Only works with windows firewall off on the host.

Permanently disabling windows firewall is not an option. External and internal firewall rules are different and specific.
0
 

Author Comment

by:guillem2011
ID: 36493629
100 extra points
0
 

Accepted Solution

by:
guillem2011 earned 0 total points
ID: 36494693
Problem solved.

It was just necessary to create a new rule on windows firewall for a specific port to allow all connections and allowing edge transversal

thanks
0
 

Author Closing Comment

by:guillem2011
ID: 36521330
I found it googling
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

#Citrix #Citrix Netscaler #HTTP Compression #Load Balance
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now