[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Cannot connect to VM with NAT through Win firewall

Posted on 2011-09-06
19
Medium Priority
?
680 Views
Last Modified: 2012-06-27
Hi,

I installed Virtualbox on a windows 2000 host. I set a windows
7 virtual machine. Everyting went fine. I also installed a Remote
PC listening software to remotely manage my VM.

My VM is connected through NAT.

The problem is that I cannot connect to the Remote PC software
 when the windows Firewall is activated. When the firewall is
inactive the connection to the remote control software installed
on the VM works perfectly.

I set a rule on my firewall that allows all incoming connections
 to this port to the machine.

I've been browsing and it seems that Windows firewall makes
something weird when it's about NAT but I don't see a solution

thanks
0
Comment
Question by:guillem2011
  • 11
  • 8
19 Comments
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36488989
What remote software are you using? Some softwares require and output port to be opened as well
0
 

Author Comment

by:guillem2011
ID: 36489052
I tried with Remote administrator and RealVNC. With both the problem is the same. It only works when win firewall is off. I don't think it's a problem of the remote software.

I suppose that the solution should come on how to correctly set the firewall rules. All outbound ports are open except "File and sharing". I tried to disable the rules that block outbound "File and sharing" without success.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36489067
Here is VNC

http://kb.realvnc.com/questions/39/How+do+I+allow+VNC+through+my+firewall%3F

Why don't you use something like logmein.com this uses port 80 and it is free
0
A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

 

Author Comment

by:guillem2011
ID: 36489164
I follow these settings and they work when firewall is off. THe problem is more complex: THe remote software is installed on the WM and is accepting incoming requests from NAT. NAT works when the firewall is off.

I suspect the problem may happen with any software installed on the VM that receives requests from outside through the firewall with NAT. Swithching to another remote control soft won't avoid future troubles with other software that follow the same path.

On the other side, my host is a server that needs port 80 for http. I'm also looking for safe remote control software with full encryption and Remote Admin and VNC have this feature.

I insist, I think the problem is not the software, is the firewall.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36489262
What I'm saying is logmein is the best software with the most security.

The software will not conflict with any other software using port 80

https://secure.logmein.com/welcome/access/fasteasy/16/?wt.srch=1&utpk=free%20LogMeIn&destination=/welcome/access/fasteasy/16/&originid=51123&ef_id=UbtOCgTIQVMAAAlb:20110906150235:s
0
 

Author Comment

by:guillem2011
ID: 36489296
Yes but this doesn't solve the main problem.

As I told you: "suspect the problem may happen with any software installed on the VM that receives requests from outside through the firewall with NAT. Swithching to another remote control soft won't avoid future troubles with other software that follow the same path."

and: "On the other side, my host is a server that needs port 80 for http."
0
 

Author Comment

by:guillem2011
ID: 36489315
Let's motivate a little bit. I increase 50
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36489317
Ok.

Again "On the other side, my host is a server that needs port 80 for http." that doesn't matter with logmein this will still work without issues.

Logmein doesn't need firewall ports to be opened.  So, the below will not matter as well

As I told you: "suspect the problem may happen with any software installed on the VM that receives requests from outside through the firewall with NAT. Swithching to another remote control soft won't avoid future troubles with other software that follow the same path."
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36489327
Back to the original issues you are trying to connect remotely through a router to this server or internally through a NAT address setup on VirtualBox?
0
 

Author Comment

by:guillem2011
ID: 36489360
Remotely through an internet connection. I connect to the host with the same remote control soft and it works.

From outside, the connection goes through NAT to the VM.

Internally there is no problem, I don't need any remote control soft I just do it from the virtualbox console.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36489432
From outside you can not connect, right? But when Windows firewall is turned off you can connect, right? But you can connect internally no matter what to this server with the same software without any issues
0
 

Author Comment

by:guillem2011
ID: 36489476
Two first questions a right. This is exactly what happens.

When you say "internally" what you mean?. Trying to connect to the VM from the Host? I don't need any remote desktop soft to do it internally. Virtualbox has a management console and I connect to the  VM through it.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36489635
From another computer on the servers LAN. Do you have NAT setup within Virtual Box
0
 

Author Comment

by:guillem2011
ID: 36489674
No. I have a VIsta pc. What you mean? To install VB and try to set a VM?
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36489814
No try to connect to the VM from within the same internal network the VM is on with one of the remote softwares.
0
 

Author Comment

by:guillem2011
ID: 36493627
Done. I connected from a PC between the external firewall and the host. The result is exactly the same. Only works with windows firewall off on the host.

Permanently disabling windows firewall is not an option. External and internal firewall rules are different and specific.
0
 

Author Comment

by:guillem2011
ID: 36493629
100 extra points
0
 

Accepted Solution

by:
guillem2011 earned 0 total points
ID: 36494693
Problem solved.

It was just necessary to create a new rule on windows firewall for a specific port to allow all connections and allowing edge transversal

thanks
0
 

Author Closing Comment

by:guillem2011
ID: 36521330
I found it googling
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A look into Log Analysis and Effective Critical Alerting.
August and September have been big months for VMware—from VMworld last month to our new Course of the Month in VMware Professional - Data Center Virtualization. We reached out to Andrew Hancock, resident VMware vExpert, to have a more in-depth discu…
Video by: ITPro.TV
In this episode Don builds upon the troubleshooting techniques by demonstrating how to properly monitor a vSphere deployment to detect problems before they occur. He begins the show using tools found within the vSphere suite as ends the show demonst…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

872 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question