Hi,
Setting to NAT would solve that for a normal VM, but then you don't have your custom network with it's own DHCP server etc..
As your intention is to have a Windows AD lab, you'll have to add a gateway / router VM that provides internet access. You could do that for example with pfSense.
That VM should be dual homed, have a network interface on Bridged or NAT so it has access to the host network and another NIC in your LAN Segment.
The IP of the NIC in the lab would be your gateway and should be configured as such in your DHCP configuration settings.
If you want to stay in an all windows world then I guess you could also add the 2nd NIC to your Windows AD server and have your AD server play as router/gateway.
--
Wil
Hello,
Setting to NAT would solve that for a normal VM, but then you don't have your custom network with it's own DHCP server etc..
I believe you mean to say, in case of NAT network connection, a normal VM can be accessed on the internet. Please be kind to explain it practically.
The default configuration of a VM using a NAT network connection would allow you to access the internet if your host can access the internet.
The lab you have configured does not follow that default configuration.
You have put all your VMs in a separate isolated network and there is no actual connection between that network and your host network.
As your intention is to have a Windows AD lab, you'll have to add a gateway / router VM that provides internet access. You could do that for example with pfSense.
I believe you mean to say, using a third party application, pfSense, Windows AD lab can be accessed on the internet.
pfSense is an open source firewall/router computer software distribution based on FreeBSD. IOW, it is not just an application, it involves adding a virtual machine in which you install that router software. There are alternatives here such as for example freesco (Available for Download – FREESCO (Virtual Router) on OVF - Eric Sloof - NTPRO.NL )
On your other questions "Please be kind to explain it practically." I am not exactly sure what you are asking me to do.
My explanation is giving you the general idea without going into details, which is by intent as the details depend a lot on what you are going to end up choosing.
The topic is not exactly virtualisation specific and I'm afraid I do not have the time to walk you through a router configuration of Windows 2016 or specifics on how-to configure pfSense.
There's plenty of information about that available on the internet, providing that you know what to search for.
eg:
VMware Workstation 10 and Pfsense setup
or
Workstation 10 with Freesco router
Note: If you use a pfSense or Freesco appliance, you will have to disable the DHCP server on that appliance as you are already providing DHCP via Windows AD and having 2 DHCP servers in the same network is not a good idea.
Alternatively there might be others jumping in who don't mind walking you through the configuration details.
PS: Just to be clear. This is a community based forum where VMware Workstation users help other users.
So most of the time -like now- you get an answer from a volunteer.
--
Wil
Wila Thank you very much for your explanations and efforts.
Basically I want;
- Internet access in Windows AD DC
- Assign static IP to Windows AD DC and configure DHCP on Windows AD DC so that other VMs must get IP from DHCP configured on Windows AD DC
- Once all done then access the lab on Internet from anywhere
I changed network connection of Windows AD DC and added one more network adapter VNet0. Therefore, Windows AD DC has two network adapters (VNet0 and VNet1).
Initially network type of VNet0 was Bridged and network type of VNet1 was Host-only.
Using Virtual Network Editor, I edited VNet1. While editing VNet1, I see options like followings:
I attached the above image just for showing options. Pls ignore the details shown in the image.
I checked Host-only (connect VMs internally in a private network) and Use local DHCP services to distribute IP address to VMs.
I used Subnet IP as 10.0.0.0 and Subnet mask as 255.0.0.0. Then, I clicked DHCP settings.
In DHCP Settings, I used Start IP address as 10.0.0.1 and End IP address as 10.0.0.5.
After saving all network settings, I turned on Windows AD DC and other VMs. Other VMs are also connected with VNet1.
Windows AD DC has two network adapters but it shows three network adapters like network0, network1 and virtual network. I couldn’t understand why three network adapters?
As I edited VNet1 and I don’t know editing was correct or not but I see VMs can ping Windows AD DC. Also Windows AD DC can ping VMs. Please guide me.
For Internet access in Windows AD DC, I added another network adapter VNet0 whose type is Bridged but No Internet access in Windows AD DC.
I removed VNet0 from Windows AD DC and added another network adapter as NAT.
Now Internet access starts in Windows AD DC.
I couldn’t understand why Internet was not working in Windows AD DC with Bridged network connection?
I hope I explained in details with sufficient information.
Wila please go through the explanation and guide me accordingly. Thanks in advance.
Regards
GnVm
Hi,
On the 1st network adapter that you have now put into a Host-Only network, you should not enable the internal DHCP server, nor configure it with a DHCP range. The DHCP server is provided by your Windows AD server and having 2 DHCP servers in the same network is trouble.
If the 2nd network adapter (NIC) that you added is set to Bridged then it depends on the network your host is in to get a new IP address.
So in that case the DHCP server in your physical network would have to assign an IP address to that virtual network adapter.
There can be reasons why that doesn't work, this can be either a security setting at the host network (your TP-Link configuration) or even that there is no DHCP server at the host network (also a setting at your TP-Link).
Also note that your host network must be in a different network segment as your guest network for this to work.
If your host (physical) network is in the 10.0.0.0/24 range and your internal network is also in the 10.0.0.0/24 range then it cannot work as there's no means of any routing possible.
If you configure the 2nd network adapter as NAT then VMware Workstation will use the host network adapter and the network shows up as a NAT (Network Address Translation) connection, similar to how most home networks are setup. IOW the NIC is in its own network segment and VMware workstation provides an internal DHCP and DNS server to configure that NIC.
See also:
Configuring Network Address Translation
For accessing the internet this could be fine.
You've also said:
Once all done then access the lab on Internet from anywhere
It is possible to connect to a NATted connection via port forwarding.
If you can get the Bridged connection to work then the AD server will show up on your internal network and you can connect to it from any host on your physical network without having to setup port forwarding.
Please have a look at the networking options in the VMware documentation, it might help explaining the concepts
Configuring Network Connections
Finally for accessing your AD server from anywhere outside of your network you have to configure port forwarding on your TP-Link router.
--
Wil
Hi Wila
As per our previous conversations, I tried to setup my lab.
There are two states; State:1 and State:2.
In State:1, I used exiting network connections type i.e. NAT and Host-only
In State:2, I used two custom network connections for NAT and Host-only
At the end, Windows AD DC and a Client PC are not able to communicate and both are not able to access Internet as well.
I attached screen-shots for explaining in details. Pls check carefully and let me know, where I am wrong.
I hope the attached images have sufficient information so that you can guide me better.
Regards
GnVm
Hi GnVm,
Sorry, this is more of a "how to configure my Windows network" question as it is virtualisation specific... and I simply do not have the time to explain and troubleshoot every step on configuring your windows network.
A few parting hints as I sadly won't be able to follow up.
- Only your Windows Server VM should have 2 network cards
- Using routing on your Server VM you should be able to have your other guests have access to the internet
- You also have to configure your DNS server
--
Wil