VPN via VirtualBox in an Active Directory environment

General discussions about using VirtualBox.
DaFox
Posts: 1
Joined: 4. Jul 2021, 12:10

VPN via VirtualBox in an Active Directory environment

Post by DaFox »

Hello, I have a "small" problem.
Currently 4 virtual servers are running in their own network:
Active Directory servers 1 & 2,
an Exchange server and a file share server (for offloading email attachments).
Now I have installed a virtual Windows 10 machine and also registered it in the network. Now I am trying to set up a VPN connection. Currently I have the software "SoftEther VPN".
My problem is with the port forwarding, because when I install the software directly on the main server it works.
I have opened the following ports: TCP 440, 990, 5555 and UDP 500, 4500
Even when the virtual PC is not in the Active Directory network, it does not work.
Does anyone have an idea or suggestion for how to solve the problem?

Regards, DaFox

Addendum: It always uses different ports to connect. How can this be configured so that it has free disposal?
Attachments: 04-07-2021 12-21-39.png (35.35 KiB), 04-07-2021 12-19-16.png (18.68 KiB)
scottgus1
Site Moderator
Posts: 20965
Joined: 30. Dec 2009, 20:14
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Windows, Linux

Re: VPN via VirtualBox in an Active Directory environment

Post by scottgus1 »

I have been pondering on this topic for a while but I'm not certain how to troubleshoot it.

You appear to be using a "NAT Network" for the private network your Active Directory runs on. See Virtualbox Networks: In Pictures: NAT network.

If the Windows 10 PC you're trying to add is connected in the NAT Network, then it should be in the same network with the four existing VMs. Hardware-wise, they're all connected to the same "switch". You should be able to ping between the new Windows 10 VM and the other VMs, and you should be able to ping the host from every VM (you cannot ping the VMs from the host, because of the NAT router in between the VMs and the host, and there is no port to open to allow through-router pinging). Also, Windows Firewall defaults to disabling response to Ping, so the ICMP Echo Request has to be enabled in each Windows OS firewall.

If all these pings (between VMs and to the host) work, then the Virtualbox network is working, and there is some OS or maybe Port Forwarding configuration that prevents your VPN from working.

To the best of my knowledge there isn't a way to open ports in NAT Network from the VM's OS (I surmise that is what "free disposal" means). You could try looking through the PDF of the manual https://download.virtualbox.org/virtual ... Manual.pdf

One thing you should not need in the Port Forwarding settings is the Host IP address (the part you blocked out in the first screenshot). Host Port, Guest IP, and Guest port are all that is needed to let the host or any other host LAN computer into the NAT Network.
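
An added example, not part of the thread or of VirtualBox's own documentation: a dry-run script that prints the `VBoxManage natnetwork modify --port-forward-4` commands for the ports listed in the first post, with the host IP field left empty as the reply above describes. The network name `NatNetwork` and the guest IP `10.0.2.15` are assumed placeholders for the NAT Network and the VM running the VPN server.

```shell
#!/bin/sh
# Dry run: prints the commands, changes nothing. Review, then paste to apply.
# NETNAME and GUEST_IP are assumed placeholders, not values from the thread.
NETNAME="${NETNAME:-NatNetwork}"
GUEST_IP="${GUEST_IP:-10.0.2.15}"

# Ports exactly as listed in the first post.
TCP_PORTS="440 990 5555"
UDP_PORTS="500 4500"

# Build one rule in VirtualBox's NAT Network format:
#   name:proto:[host ip]:host port:[guest ip]:guest port
# The host IP stays empty ("[]"); host port, guest IP and guest port are set.
pf_rule() {
    proto=$1; port=$2; guest=$3
    case "$proto" in
        tcp|udp) ;;
        *) echo "bad protocol: $proto" >&2; return 1 ;;
    esac
    case "$port" in
        ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "port out of range: $port" >&2; return 1
    fi
    printf 'vpn-%s-%s:%s:[]:%s:[%s]:%s\n' \
        "$proto" "$port" "$proto" "$port" "$guest" "$port"
}

# Emit one VBoxManage command per forwarded port (same port on host and guest).
pf_commands() {
    for p in $TCP_PORTS; do
        printf 'VBoxManage natnetwork modify --netname "%s" --port-forward-4 "%s"\n' \
            "$NETNAME" "$(pf_rule tcp "$p" "$GUEST_IP")"
    done
    for p in $UDP_PORTS; do
        printf 'VBoxManage natnetwork modify --netname "%s" --port-forward-4 "%s"\n' \
            "$NETNAME" "$(pf_rule udp "$p" "$GUEST_IP")"
    done
}

pf_commands
```

Each rule makes that guest port reachable by the host and by other computers on the host's LAN, so forward only the ports the VPN server actually listens on.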