Port forwarding to server in different subnet
Solution 1
Eddie Dunn gave me the hint that let me to the answer of my question. (Thanks Eddie)
So the solution is in your gateway firewall forward port 80 to the target machine (hyper-v host)
Then on the Hyper-V host execute this command todo the port forwarding to the server in the different subnet: netsh interface portproxy add v4tov4 listenport=80 listenaddress=192.168.178.10 connectport=80 connectaddress=192.168.137.100
Btw not sure why I get all those --- without explanation. But thats the price we pay for having a system that allows downvoting without requiring feedback for people too learn...
I guess I'm the only sys admin who has a simple testlab? Anyway I hope the end solution helps another :)
Solution 2
You need to add a static route in your firewall router for network 192.168.137.0 with subnet mask 255.255.255.0 with next hope ip address of your server which is 192.168.178.10.
you cannot ping router from your host because your router dont know where the network 192.168.137.0 is which is on 192.168.178.10
Related videos on Youtube
09 : 40
10 : 29
13 : 56
08 : 50
![How to Forward Port -- Two Routers [Port Forwarding] Method 2021](https://i.ytimg.com/vi/6a8sDYvy_Fs/hq720.jpg?sqp=-oaymwEcCNAFEJQDSFXyq4qpAw4IARUAAIhCGAFwAcABBg==&rs=AOn4CLBWbEn5T5EIHEoCeBXSC1sEzjAM2A)
13 : 13
07 : 15
09 : 04
Joost Verdaasdonk
A programmer for since 2000 with a big interest in system administration. Overall Quality Systems guy for 20 years now who rides his motor to blow of steam! :) Owner of company CeneSam.
Updated on September 18, 2022Comments
-
Joost Verdaasdonk over 1 year
I'm trying to forward a port in my router firewall to a server in my Hyper-V Server.
My router default gateway is at: 192.168.178.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
My hyper-v server has the following ip config: (Hyper-V internal network switch)
IPv4 Address. . . . . . . . . . . : 192.168.137.100(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.137.1
DNS Servers . . . . . . . . . . . : 192.168.137.10
This hyper-v server does have internet/access to the router subnet because on the Hyper-V host I enabled Internet connection sharing on the adapter and I've selected the virtual internal network switch as the target.
Those are the details. As it stands now the server can ping the gateway: 192.168.178.1. And on the Hyper-V host I can ping the server. But ofc my firewall router is not aware of this 192.168.137.10 computer so port forwarding to that pc is not possible at the moment.
Would anybody be so kind to think with me how my router/firewall can see the server so I can forward the port? If I need to provide more details let me know
-
TessellatingHeckler over 8 yearsWhat make and model of router/firewall is it? Does the "internet connection sharing" tickbox mean the Hyper-V host is doing Network Address Translation (NAT) and all the guest traffic is being presented to the outside world as if it comes from 192.168.137.x ?
-
Joost Verdaasdonk over 8 yearsThis is a simple ubee (modem/router/firewall EVW320b) One moment enter means post here :) I'm not 100% sure about your NAT question. The hyper-V host adapter is on 192.168.178.10 On that adapter I checked ICS and selected the virtual switch from Hyper-v. So host lives in 192.168.178 world, hyper-v server on switch lives in 192.168.137 world. Both can see each other and ofc my Router / firewall can see the host but not the hyper-v server
-
Eddie Dunn over 8 yearsYou will essentially have to forward twice. Once to the 192.168.178.x (Hyper-V Host) and then again through ICS to your VM.
-
Joost Verdaasdonk over 8 years@EddieDunn do you mean forward to the Host in the firewall? And do I need to forward to the same port as I would normally forward if I could directly contact the server. And how would I forward through ICS? (I've explained above how I enabled it) not sure how todo that
-
joeqwerty over 8 yearsA Hyper-V host isn't meant to do ICS, NAT, firewalling or routing for the virtual machines. Why are you not port forwarding directly to the virtual machine? -
Joost Verdaasdonk over 8 years@joeqwerty This stand alone pc (test lab Hyper-v) only has a Wifi adapter. Hyper-V doesn't support wifi so I use the ICS trick in combination with an internal network switch to get things doing. PS I cannot forward directly because the router/firewall cannot see that VM
-
-
Joost Verdaasdonk over 8 yearsHi Faisal, adding a static route is not an option in my router. That's why I've enabled the double port forwarding solution of Eddie. I agree it would have been nicer to directly access the machine by adding the static route
-
Faisal Saleem over 8 yearsThen you have to configure NAT from router to host and from host to server. in that case you will not be able to ping from server to router (if u forward icmp packets then u can) but if you forward only specific packets like 80 or 443 then not but these services will be accessible from outside network. -
Joost Verdaasdonk over 8 yearsFor others wanting to use the above netsh command. It works very nice but the only downside is it will forward the packages with the listenaddress IP and NOT the real ip from the referrer. For now I didn't find a way/tool that could do this forward on windows 10 with preserving the original request IP.
