Page 1 of 1
Internet Access from inside the Virtual Machine.
Posted: 26. Aug 2011, 03:08
by RDP Live
Hi all,
I have a Windows 7 OS laptop, running Virtual Box for Windows 4.1.2, and I have ONE Windows 2008 Server (64bit), running in a VM in Virtual Box, and no matter what I do to get internet 'into' my Server 2008 VM, I simply cant get it to work.
I have got my network interface set as, HOST-ONLY adapter, Intel PRO/1000 MT Desktop and the IP config is set as 192.168.204.1 with a 255.255.255.0 mask. I have adjusted pretty much everything...but there must be something i am missing. I can access it via UNC so there is connectivity to it, (netowrk wise) but there is no internet access from within the VM.
Just a quick note: The one server i am trying to get working is setup with DNS, DHCP and has Active Directory on it too, AND i DO NOT have DHCP setup on my Network Adapter in the Virtual Box settings. I doubt this shoudl affect the internet connectivity though (??)
In a nutshell, I am setting up a home lab and I want to sort out this internet issue before I start adding new servers. My laptop is a high-end HP Elitebook laptop with 16GB of ram and 2.2 QUAD core...so my specs are more than capable of this lab I am attempting to build.
Been at this for about an hour now..and i just cant seem to get it working, so any help or advice would be great!! If anyone has this setup already working for them...then i'd love to know how you have this setup!!
Thanks in advance,
Martyn.
Re: Internet Access from inside the Virtual Machine.
Posted: 26. Aug 2011, 03:46
by BillG
You will have more success if you run your domain in its own IP subnet in its own network. I would use an internal network.
Connecting a domain to the Internet is not easy (nothing to do with VirtualBox). A simple NAT router which works for a workgroup fails because of the way AD works with DNS. (The DNS relay method used by NAT is not compatible with AD. AD clients should use the DC _only_ for DNS). You need to run a NAT router which you can configure (RRAS in Windows Server or a router like pfsense in Linux) not the built-in NAT service. You need to set up so that the domain members use the NAT router as their gateway but use the DC for DNS. Your local DNS needs to forward to a public DNS so that it can resolve foreign URLs for its clients.
Re: Internet Access from inside the Virtual Machine.
Posted: 26. Aug 2011, 14:27
by RDP Live
Hi Bill,
Thanks for the quick response!! I will msg you back to let you know how things get on.
Cheers again
Martyn.
Re: Internet Access from inside the Virtual Machine.
Posted: 26. Aug 2011, 15:58
by mschwartz
See the link in my signature.
Re: Internet Access from inside the Virtual Machine.
Posted: 26. Aug 2011, 18:33
by RDP Live
My network is setup as follows:
My IP for the VirtualBox Host Only adapter is 192.168.204.1, with a subnet mask of 255.255.255.0
My FIRST Windows 2008 server's IP is 192.168.204.2 and this is set to STATIC and has been promoted to my DC, DNS server and DHCP server. For the gateway i have entered 192.168.204.100. Is the gateway where i have it wrong??
My additional PC's are assigned an IP from a scope set in DHCP to grab an IP between 192.168.204.10 & 192.168.204.20 (i'm only going to have a few machine in the lab, so 11 should be fine).
Setting the Default Gateway at a random value of 192.168.204.100, 'I think' is causing the issue here, maybe??? as no matter what i have done, even following both sets of instructions, i still cant internet access into my Virtual 'LAB' environment.
What am i missing???
I am running a Windows 7 laptop, and all my VM's are Windows Server 2008 R2.
Thanks.
Re: Internet Access from inside the Virtual Machine.
Posted: 27. Aug 2011, 04:23
by BillG
It is always a help to know a little about networking before you try to set one up. It also helps if you actually read the replies.
A default gateway is where all non-local traffic is sent (ie all addresses not in the local subnet). This will be the IP address of the router which connects this network segment to the rest of your network. Using 192.168.204.100 is fine, as long as that is the IP you give to the NIC which is your gateway.
Why are you still using Host Only?
Re: Internet Access from inside the Virtual Machine.
Posted: 27. Aug 2011, 04:26
by BillG
mschwartz wrote:See the link in my signature.
Not a great help when the OP is setting up a Windows domain on his virtual network.
Re: Internet Access from inside the Virtual Machine.
Posted: 28. Aug 2011, 02:03
by BillG
BillG wrote:It is always a help to know a little about networking before you try to set one up. It also helps if you actually read the replies.
A default gateway is where all non-local traffic is sent (ie all addresses not in the local subnet). This will be the IP address of the router which connects this network segment to the rest of your network. Using 192.168.204.100 is fine, as long as that is the IP you give to the NIC which is your gateway.
Why are you still using Host Only?
See if this discussion helps you.
http://social.technet.microsoft.com/For ... e380c9578a
Note that an internal virtual network in Hyper-V is not the same thing as an internal network in VirtualBox. A VirtualBox internal network is more like a private virtual network in Hyper-V. A Hyper-V internal network has an interface in the host (a bit like Host Only in VirtualBox).
Re: Internet Access from inside the Virtual Machine.
Posted: 28. Aug 2011, 02:46
by BillG
This topic keeps coming up, so here is a simple diagram of my recommended setup (using the IP addresses of my own network).
Internet
|
DSL router
192.168.0.1
|
LAN machines (including host)
192.168.0.x dg 192.168.0.1
|
192.168.0.254 dg 192.168.0.1
vm NAT router
192.68.31.254 dg blank
|
DC vm
192.168.31.1 dg 192.168.31.254
| dns 192.168.31.1
|
AD member vms
192.168.31.x dg 192.168.31.254
dns 192.168.31.1
The 192.168.0.0/24 is the physical network. 192.168.31.0/24 is a VirtualBox internal network. The vm router has one 192.168.0 NIC (bridged to the physical NIC in the host machine) and one 192.168.31 NIC in the virtual network. This is in fact the gateway for the internal network.
DNS in the DC is set to forward to a public DNS server. You can use your ISP's DNS or a public DNS like 4.2.2.2 or 8.8.8.8 .
This setup works with any virtualization software (or physical machines for that matter). You can use DHCP in your domain network if you want because it is isolated from the physical network.
The important part is that AD is not comptible with standard NAT. You have to make sure that the machines behind NAT use the NAT router as a gateway but not for DNS. The standard NAT method of DNS proxy will not work with AD. AD depends on DNS to find AD resources so AD clients should use the local DNS only. No other addresses, even as secondaries. The DC itself therefore has to be able to resolve foreign URLs for itself and its clients.
Access to the Internet from inside the private AD network actually uses two NAT routers but you will not notice any delay. It is possible to use normal LAN routing on the internal router but that requires extra routing on the physical router (to get Internet traffic to the internal router).