1:1 NAT With Virtualbox Virtual Machines on Windows Server 2012 Host
Problem: I rent a server that doesn’t allow you to use bridged mode with virtual machines due to port security which only allows one mac address to connect to their switch. Normally, you would just use bridged mode, and assign a VM the external IP address you get from your ISP, but that won’t work here. I was told I needed to use NAT to connect my VM’s to the internet.
Virtualbox supports NAT mode, but then you have to set up port forwarding for any services you need to use. This can be an issue especially for services like FTP which when in passive mode needs port 21 for login and control, and a port range for the data channels. Most FTP services allow you to assign a range of ports to use, so you can forward them, but Virtualbox doesn’t support port range forwarding, so you have to forward each port individually. A much easier way to deal with a situation like this is to use 1:1 NAT also known as basic NAT or 1 to 1 NAT, but Virtualbox doesn’t support that either.
Solution: Virtualbox does support a networking mode called host only networking. This basically acts as a virtual switch that is connected to a virtual NIC on your computer. So if you set up windows server for NAT, you can use windows server’s 1:1 Nat abilities. Here’s how.
1. Set the VM to use host only networking in the virtualbox interface, Then set a static IP address in your VM in the 192.168.56.2-254 range. Setting a static IP address can vary from one host to another, so I won’t go into that.
2. In server manager add roles and features
3. Check remote access
4. Check routing
5. Open Routing and remote access, right click on your server and choose configure and enable routing and remote access.
6. Choose network address translation (NAT)
7. Choose your NIC attached to the external network.
8. Choose to set up dns and dhcp later
9. Once it finishes setting up RRAS expand ipv4, and click on NAT, then double click Ethernet.
10. Under the address pool tab click add, and add your IP address pool given to you by your ISP or hosting provider.
11. Click reservations, then add, and input the external address you want to map to your VM, and the static IP address you gave it in the first step, and check allow incoming sessions to this address.
12. Then just hit ok until you get back to routing and remote access, and you should be all set! Your static, external IP address now maps to your VM’s internal address, and any services that your vm’s firewall or security software aren’t blocking can be accessed from that IP address.