setting up a virtual nework to connect to the internet

Discussion in 'Virtual and Cloud Computing' started by simongrahamuk, Feb 23, 2008.

  1. simongrahamuk
    Honorary Member

    simongrahamuk Hmmmmmmm?

    6,205
    136
    199
    This is one that I should really know the answer to, but well I dont.

    In the past I have always set up my virtual network (domain) to be local only but I blew it all away yesterday and am now in the process of setting up a new lab.

    Essentially what I want to do is have my server (only one for now) act as a domain controller for my domain and all of the clients use the dc as their gateway to access the internet. I intend to have all of my lab domain on a seperate ip range using static addresses from the dhcp range provided by my router.

    effertively my setup will be (for now)

    Router - Virtual server 1 - client1, client2, etc.

    nothing complex.

    If I set my servers NIC to use NAT through the hosts NIC then as soon as I set the static address that I want to use for the lab I loose my internet connection. Can anyone offer any suggestions as to how I can achieve my goal, i.e. what should I set the server's gateway as? do I need to add a second NIC?

    :blink
     
  2. Jock_McTartan

    Jock_McTartan Bit Poster

    15
    1
    8
    You need to set the VMs NIC behaviour as host interface (depending on software used may be called something else) - effectivaly it is then seen as another box on the network so you add an IP in the same range as your other PC's
     
    WIP: 70-270, Linux+
  3. simongrahamuk
    Honorary Member

    simongrahamuk Hmmmmmmm?

    6,205
    136
    199
    Yep, that would be using bridged networking. but what I want to do is have my lab on a completely seperate Ip range from that of other clients (virtual or physical) and yet still allow them to connect to the internet without me having to use something such as ISA. 8)
     
  4. Stoney

    Stoney Megabyte Poster

    731
    23
    69
    If the server (dc) is a virtual server, then you just need to specify in the settings how the virtual network card should operate.

    Now i've only done this with MS Virtual pc so forgive me if you're using VMware. On the virtual machine (server) you would go to the NIC settings and set the NIC to name of NIC card installed on host machine. This allows the virtual NIC to operate in the same way as the host NIC and such gives you direct access to the internet.

    For the virtual clients you would set the NIC to local, so that they only operate within their own little virtual world and do not get direct internet access. They can connect to a virtual LAN and get a DHCP address etc, etc, they just can't be part of the hosts LAN or connect to the internet.

    I would guess you would then need to setup ICS or something on the virtual DC so that when the virtual clients are part of the virtual LAN they can connect to the DC and get internet access.

    HTH 8)
     
    Certifications: 25 + 50 metre front crawl
    WIP: MCSA - Exam 70-270
  5. simongrahamuk
    Honorary Member

    simongrahamuk Hmmmmmmm?

    6,205
    136
    199
    Thanks Stoney, but its still not what I'm looking for.

    In VMware (fusion) you have three options as to what you do with the nic.

    1) Bridged - Appears on the physical network as another device
    2) NAT - Uses the hosts network connection to access the internet so that all traffic looks asthough it is coming from the host and not the vm
    3) Local only - the vm can only communicate with the host machine and other vm's on the physical pc.

    Now bridged is what I would use if I wanted the virtual server to appear on the physical network as another device, but i don't want that. I want the VM to be able to acces the internet but use an IP Address on a completely different subnet to that of the physical network, hence why I thought using the NAT option would do what I wanted, essentially doing what a real world router would do and convert my virtual network traffic to my hosts physical address and vise versa. However when I set my IP up on the server I can no longer access the intenet.

    :unsure
     
  6. monkey

    monkey New Member

    3
    0
    20
    Tar Very Much!!!
     
    Certifications: MCP
    WIP: MCSA
  7. Bluerinse
    Honorary Member

    Bluerinse Exabyte Poster

    8,878
    181
    256
    Not sure how you accomplish this in a VM set up but on a real server.. you need to set up RRAS with two NICS.
    Make sure you have a route that passes all traffic not destined for your clients subnet to be passed to the other NIC's subnet.
     
    Certifications: C&G Electronics - MCSA (W2K) MCSE (W2K)
  8. Cooksan

    Cooksan New Member

    1
    0
    10
    Hi Si

    This is my first post, so be gentle.

    Have you tried giving the DC 2 NICs, one as a NAT and the other on 1 of the virtual switches in VMware that you could switch off the built in DHCP. That way the DC and Clients could be assigned Static IPs. Then you would need to activate ICS on the NAT NIC in the DC and use the Static IP of the Local NIC as the gateway and DNS server for the clients. I have only used VMware a little at work but have read the manual for it quite a bit, yes I know I am SAD. I am sure there is about 10 virtual switches and they can be altered in the programme.

    Hope this helps. How did I do for a first post.
     
    Certifications: MCP
  9. Phoenix
    Honorary Member

    Phoenix 53656e696f7220 4d6f64

    5,749
    200
    246
    there are a few ways of accomplishing this
    I think I posted a very similar response just this morning to a near identical question


    there are two ways of doing it, both will require a virtual 'bridge' system to join the two networks

    in a routed way, it will bee (Bridged)-(Host Only)
    the remainder of the VMs will be (host Only) on the same VMNet and talk to your internal network via the gateway

    in order for these to connect to the internet you physical gateway (router) will need a route back to that private network


    the second would be to have the gateway in a (NAT)-(Host Only) config
    as its doing NAT this would remove to requirement for the Physical gateway to have a route, as the NAT is translating the private VMnet addresses to your real network range, no route is thus required


    Hope that sort of helps
     
    Certifications: MCSE, MCITP, VCP
    WIP: > 0
  10. simongrahamuk
    Honorary Member

    simongrahamuk Hmmmmmmm?

    6,205
    136
    199
    This is in essence what I have set up.

    NIC 1 - NAT -IP 192.168.10.2
    NIC 2 - LO - IP 192.168.10.1

    Clients will have 192.168.10.X addresses

    I think that my question now though is what should I set the Default Gateway as on the NIC's. On the NAT NIC I have set the GW as its self (192.168.10.2) and on the Local Only NIC I have set the GW as the address of the NAT NIC.

    What would I put for the DNS servers on each NIC? obviously for the LO one I'll set it as itself but what about the NAT one?

    Also I'm sure that I have set up simillar before using MS Virtual PC, but never VMWare. As I recall the VPC method just worked, so I'm struggling to see why as soon as I set a private address on the NAT interface I loose connection to the web?
     
  11. Phoenix
    Honorary Member

    Phoenix 53656e696f7220 4d6f64

    5,749
    200
    246
    Your routing is messed up if both nics are on the same subnet

    either put all the systems on the NAT setting, or if u need the gateway method then make sure the NAT interface is different to all the host only interfaces and route between
     
    Certifications: MCSE, MCITP, VCP
    WIP: > 0
  12. simongrahamuk
    Honorary Member

    simongrahamuk Hmmmmmmm?

    6,205
    136
    199
    Ok, so forget about how my routing is setup for now (I'll sort that out later).

    The problem is this If I disable all interfaces except the NAT interface I should be able to get out to the internet, right? On a client I have done just this, single NIC gave it a static IP, for now say 192.168.10.5, standard class c mask, no default gateway or dns set. as soon as I set that address I no longer have internet access. prior to that the web works?

    Ryan this couldn't be something to do with the fact that its VMWare fusion could it? :blink
     
  13. takasa

    takasa New Member

    3
    0
    1
    Wouldn't you lose net access when you take out the gateway and DNS settings?
     
  14. simongrahamuk
    Honorary Member

    simongrahamuk Hmmmmmmm?

    6,205
    136
    199
    On a physical network connection yes, but because I'm trying to see how/why NAT doesn't seem to be working I'm not too sure. 8)
     
  15. Phoenix
    Honorary Member

    Phoenix 53656e696f7220 4d6f64

    5,749
    200
    246
    it COULD be fusion, the base network stack is the same as Workstations as far as I know, but the options are very limited (sort of dumbed down like a lot of mac software)
     
    Certifications: MCSE, MCITP, VCP
    WIP: > 0
  16. UCHEEKYMONKEY
    Honorary Member

    UCHEEKYMONKEY R.I.P - gone but never forgotten. Gold Member

    4,140
    58
    214
    What IP range have you given the NIC's and have you set your default gateway outside of this range?
    What about you subnet mask is it 255.255.255.0 ?:blink

    Si - what software are you using? - Microsoft virtual server or VMware? Also which version is it?
     
    Certifications: Comptia A+
    WIP: Comptia N+
  17. wizard

    wizard Petabyte Poster

    5,767
    42
    174
    Si already mentioned what software he is using in this post:

    http://www.certforums.co.uk/forums/showpost.php?p=207270&postcount=5
     
    Certifications: SIA DS Licence
    WIP: A+ 2009
  18. UCHEEKYMONKEY
    Honorary Member

    UCHEEKYMONKEY R.I.P - gone but never forgotten. Gold Member

    4,140
    58
    214
    Certifications: Comptia A+
    WIP: Comptia N+
  19. greenbrucelee
    Highly Decorated Member Award

    greenbrucelee Zettabyte Poster

    14,292
    265
    329
    Sorry to hijack this thread but how many OSs should I be running on my virtual network?

    At home I currently have two XP pro PCs linked but plan to set of virtual network with trial OS software, like win2k3 trials etc that come with some of the books I'll be needing.

    I am still not sure what I'll use either VMware or Virtual PC.
     
    Certifications: A+, N+, MCDST, Security+, 70-270
    WIP: 70-620 or 70-680?
  20. thiswilldo

    thiswilldo New Member

    5
    0
    1
    Hi Simon,
    I was trying to achieve, as I understand it, the same thing as you. This approach has been touched upon in this thread and elsewhere but maybe more specific instructions might help.

    1. Ensure your Server 1 has two Nics, one LAN Segment (Local Only) and one Bridged (could use NAT also)
    2. Give Server 1, Local Only NIC a Static IP, set the default gateway as itself. E.g.
    IP: 192.168.10.1
    SM: 255.255.255.0
    DNS: 192.168.10.1
    DG: 192.168.10.1

    3. Your 2nd NIC should have picked up an IP from the DHCP on your router if using Bridged or be sharing the IP of your host machine - confirm this is the case by running ipconfig /all. As said previously, would recommend these are on different subnets.

    4. Goto Start/Administrative Tools/Routing and Remote Access. In the MMC click on Action and then Configure and Enable Routing and Remote Access, click next, select the 2nd option - NAT, Allow internal clients to connect to the Internet using one public IP address. Click Next.

    5. Your 2 NICs should show in the list. Select the Bridged NIC that will be used for Internet Access. Click Next and Finish.

    You should now be able to access the Internet from your Server whilst maintaining a separate DHCP server in your virtual network. For the clients ensure the default gateway points to your server 1 IP (192.168.10.1)

    Hope that's useful. I've only just starting learning about RRAS for 70-291 so if anyone has any other input feel free.
     

Share This Page

Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.