Hyper-V, ICS, RRAS NAT and port-forwarding on Windows Server 2012

Installing and Configuring Network Address Translation (NAT) on your Host Computer to connect Virtual Machines running on an internal Hyper-V Virtual Switch

 

If you are running your virtual machines in an internal network and you need to provide them with internet or connectivity to your corporate network there are a couple different solutions.   One solution is to use your host computer as a router.  In this blog I will discuss how to configure your host as the solution.

 

1. Network Connections on the host machine will now show 3 network adapter cards.
2. 

Configure the Virtual Machines NIC with an IP Address from the Internal virtual network.

1. Start the Virtual Machine if Required.
2. Logon to the Virtual Machine.
3. Using the Properties of the network adapter set an IP Address from the Internal network. I will be using 172.16.0.10/24 with Gateway of 172.16.0.1 and a DNS server address of 8.8.8.8.

Configure the Host Computer Internal NIC with an IP Address from the Internal virtual network.

1. Using the Properties of the network adapter identified as Internal, set an IP Address from the Internal network. I will be using 172.16.0.1/24 with no Default Gateway or DNS server addresses.

The computer’s network prerequisites have been completed.  It is now time to configure the host computer to provide connectivity to the corporate network and the internet.

Install Routing and Remote Access on the Host computer.

1. Open Server Manager, select Add roles and features.
   

1. On the Before you begin click Next.
2. On the Select installation type, ensure Role-based or feature-based installation is selected, click Next.
3. On the Select destination server, ensure the proper server is selected, click Next.
4. On the Select server roles, select Remote access.
   

1. On the Add Roles and Feature Wizard, click Add Features then click Next.
   

1. On the Select features, click Next.
2. On the Remote Access, click Next.
3. On the Select role services, select Routing, click Next.
4. On the Web Server Role (IIS), click Next.
5. On the Select role services, click Next.
6. On the Confirm installation selections, select Restart the destination server automatically if required, click Yes to prompt, click Install.

WARNING:  Server will restart after installation is complete.

        13. If the server restarts, Logon. On the Installation progress, click Close.

Configuring Routing and Remote Access as a Network Address Translation(NAT) server.

1. Open Server Manager, Select the Tools drop down menu, select Routing and Remote Access.
   
   

1. Right click on the server and select Configure and Enable Routing and Remote Access.
2. On the Welcome screen, click Next.
3. On the Configuration page, select Network address translation (NAT), click Next.
   

1. On the NAT Internet Connection, select which Interface is your external interface (Public), click Next.
   

1. On the Name and Address Translation Service, select I will set up name and address services later, click Next.
   

1. On the Complete the Routing and Remote Access Server Setup Wizard, click Finish.
2. If a prompt appears saying unable to open VPN Ports click OK to acknowledge.
3. Nat is now installed.

Your Virtual Machines now have access to the internet and your corporate network.

 

 

接下来配置port-forwarding ：

 

有关NAT 的 Netsh commands for Interface Portproxy 参考：https://technet.microsoft.com/zh-cn/library/cc731068(v=ws.10).aspx#BKMK_1  

 

例子：netsh interface portproxy add v4tov4 3397 192.168.0.2 3389

 

至此，RRAS和NAT的配置就完成了，端口转发也完成了。