Network NAT DHCP

[SIR-PHD]

Hello everyone,

With VirtualBox 5 :
I have the following configuration:
host PC: Windows 7 with Virtutalbox 5, the setup of net is : NAT netwok
VM PC : 1 serveur 2012r2, fixed IP address, DHCP server
1 Windows 7, DHCP Client enabled
1 Windows 10. DHCP Client enabled

I can not disable the DHCP Network NAT

The command DHCPSERVER remove ... does not work for this type of connection.

Thank you for your help

Philippe

[Smackey's dad]

With NAT Network there is no virtual networks defined. So there is no DHCP configuration required. The NAT guest network interface is assigned to the IPv4 address subnet of 10.0.x.0/24. “x” corresponds to the VM's virtual network adapter number (of the said NAT interface) plus one. Only outgoing connections from the VM are permitted.

However, NAT Port Forwarding option, enables port forward with NAT Network Interface mode. The port forward happens via the host, unlike a typical port forward that happens from a LAN Router. Port forwarding allows connection to the guest to specific ports/services on the guest.

What is it you are not able to achieve that you may be trying to?

[scottgus1]

VM PC : 1 serveur 2012r2, fixed IP address, DHCP server
1 Windows 7, DHCP Client enabled
1 Windows 10. DHCP Client enabled

Philippe, it looks like you're setting up a test domain. See section 6 in the Virtualbox manual for the different forms of networking available.

Virtualbox has two kinds of NAT now: regular NAT and a NAT network service. Regular NAT ("NAT" in the dropdown) connects each PC to the host's network connection via an independent channel. The host and other guests cannot connect to the NAT-connected guest. (The NAT guest can, however, see any services and shared folders on the host's network.) This form of NAT will not work for a domain test setup.

The NAT network service ("NAT network" in the dropdown) is like a home router, NAT to the outside world and multiple "LAN" guest connections. All the guests connected to this "NAT network" can see and communicate with each other. You need to make a new NAT network in the main Virtualbox window, File Menu, Preferences, Network. Then attach the guests using the name of the NAT network you made in Preferences. (I have not tested this form of NAT network, but I would assume it also allows shared folders and services on the host's physical network to be usable by the guests.) Best of my knowledge there is no firewall in this router-like network arrangement.

One suggested way to test this sort of setup is using an internal network between the domain controller and the clients. This will completely isolate the guests so no interference with the host network is possible.

If you want internet in the test network you could use the NAT network service. You may still be able to see and use host network services, too, and the domain-controlling aspects of the server may possibly try to start controlling the host network.

If you want the internet but also want to block access to the host services, use an internal network for the guests, and add another guest to the network with a router/firewall OS like pfSense. This router guest would have two network cards, NAT on one and the domain guests' internal network on the other. A firewall rule would stop access to the host network but allow internet, and you'd turn off the DHCP server in the router guest so the Windows domain controller can handle DHCP. See viewtopic.php?f=1&t=76667#p356720 for the pfSense firewall rule.