Windows Server 2008 R2 as guest in virtualbox: make accessible from all network nodes within the subnet of my host

6,099

Quick answer: Bridge mode, no adjustments necessary. Existing DHCP server (probably on your router) will assign addresses to the virtual as if it was another physical machine. Accessible as any physical machine would be.

You can have 8 total virtual networks, mix and match as needed. Unlimited number of clients and/or host can access any or all of these networks. (if allowed by virtual type)

RTFM, you need to understand what each networking type is and how it's used. http://www.virtualbox.org/manual/ch06.html#networkingmodes Generally things can be kept "simple" but with VDE networks and creativity you can simulate very complex networks.

VDE - virtual switch - virtualsquare.org

  • you won't need this until you understand and have used all the others

Internal - No host access and no direct internet access

  • often used to test infected machines/programs

Host-only - Host access but no direct Internet access

  • used for QA lab style setups, client-firewall-firewall-servers - all are local virtual clients
  • you can have multiple Host-only networks, each isolated
  • no direct access to Internet or external machines but you can route to Internet through host or any virtual that has multiple NICs (one with external access, either bridged or NAT) and routing configured.

NAT - Host access, routed Internet access through host, uses host's firewall

  • best option at your office, doesn't use extra IP addresses, can use Host's firewall
  • used when you don't control IP address assignment
  • used when you don't need external access but want easy Internet access for virtual client updates
  • you can have multiple NAT networks, each isolated, each translate/route through host to Internet
  • you can have multiple NAT's bound to different physical NIC's (wired or wireless)
  • you only have one (per NIC) external address so you must shift multiple common servers to alternate ports. ex. two web servers one on port 80 the other on port 8080. You can do this directly on the server or port forward. ex. virt1:80 virt2:80 accessed locally from the host are port forwarded to ports 8081 and 8082 along with the host's web server at port 80 to the external interface. Locally, you won't have to use the ports, just access directly using the virtual clients host-only address(es) on port 80.

Bridged - direct access externally, host access is "external", promiscuous packets could be captured between host and its virtual(s) if plugged into a dumb switch/hub. Direct IP to IP/Host to virtual packets don't go out on the wire.

  • best option for simulating a physical machine
  • easiest at your home, no issues with host's firewall, all common servers have their own IP so each can run on their standard port(s).
  • uses up IP addresses, one per bridged virtual client NIC
  • each machine manages its own firewall if needed
  • accessible externally, accesses Internet/external network directly
  • you can have multiple bridged networks if you have multiple physical NICS or if you multi-home a single NIC. You can have one bridged network per NIC or bound IP if multi-homed.

*Bridged, Internal and Host-only are often used for laptop security

  • Host OS does not have an IP address assigned to the physical NIC, Host cannot access Internet. Host also has a Host-only virtual NIC but this is set to not auto-start. No IP addresses anywhere on the host after startup.
  • A virtual client is bridged and can access and is accessible externally, for us this is a router/firewall/intrusion detection system with multiple virtual NIC's. One bridged, one Host-only for DMZ and another Host-only for internal LAN.
  • When Host needs to be updated (at a secure location) bring up the Host-only internal lan virtual NIC on the host. After updating, bring down the Host-only virtual NIC on the Host. All packets to the host can be filtered, packet analyzed, connections recorded, etc. by the virtual router/firewall/IDS which is the only virtual client that has direct access through bridging to the external networks/Internet.

We run all our laptops this way. You can even VPN through the bridged virtual to attach two or more laptops' host-only virtual nets together without either net being allowed to ever access the Internet (or be remotely accessible). Great for private shared workspace collaboration while traveling/off-site/coffee-house/hotel/etc.

Laptops (and some desktops with wireless or dual NICs) will probably be set up with two (or more) NICs bridged. Virtual can easily be switched (even while running) between the hardwire(s) and wireless bridges.

A typical setup; Laptop with built-in NIC and wireless plus docking station NIC using 8 virtual networks.

  • All 3 physical NICs bridged.
  • 1 internal for testing unknown things.
  • 1 host-only for DMZ servers and services
  • 1 host-only for internal lan - random unknown surfing non-secure
  • 1 host-only for internal lan - known surfing non-secure
  • 1 host-only for internal lan - secure surfing, credit card, banking

  • Host has no IP assigned. Never assign an IP to the physical NIC

  • 1 Virtual client as router/firewall/IDS bridged to whatever Physical is "Live".
  • 4 Host-only virtual NICs to route to the DMZ and host-only internal Lans.
  • Internal is used for testing between two virtuals, each with only an internal virtual NIC. Usually one is networksecuritytoolkit and the other is the test system. The host can't access this virtual network.
  • virtual clients are placed on DMZ or internal Lans per security context.
  • host is temporarily assigned an address to one of the internal host-only Lans virtual NIC when updates are needed and the location is considered "secure". Often this is done through a VPN connected from the bridged virtual router/firewall/IDS back to corporate HQ.

Hopefully I didn't confuse with the common name of Internal for Internal virtual network type and internal lan which is designating a host-only network behind the virtual firewall. (DMZ/external/internal router designations)

This is just the basics, most of which is already over-kill for most use cases. Using VDE and multiple physical NICs you can do extremely complex scenarios on commodity hardware. Some of the above is "standard use". If you're familiar with virtualization you'll probably see some of the possible exceptions. Non-standard uses and custom programming using the SDK can produce edge cases where the above rules no longer apply.
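An added example, not part of the original answer: a Python check of the laptop layout described above (one bridged router/firewall VM, everything else host-only or internal), run over `VBoxManage showvminfo <vm> --machinereadable` output. The sample output, VM names, adapter names and the `audit` policy are constructed for illustration.

```python
import re

# Constructed `VBoxManage showvminfo <vm> --machinereadable` excerpts.
# VM names, adapter names and network names are hypothetical.
SAMPLE = {
    "fw-router": 'nic1="bridged"\nbridgeadapter1="eth0"\n'
                 'nic2="hostonly"\nhostonlyadapter2="vboxnet0"\n'
                 'nic3="hostonly"\nhostonlyadapter3="vboxnet1"\nnic4="none"\n',
    "dmz-web": 'nic1="hostonly"\nhostonlyadapter1="vboxnet0"\n'
               'nic2="nat"\nForwarding(0)="web,tcp,,8081,,80"\n',
    "malware-test": 'nic1="intnet"\nintnet1="testnet"\n'
                    'nic2="hostonly"\nhostonlyadapter2="vboxnet1"\n',
}

EXTERNAL = {"bridged", "nat"}  # attachment modes with a path off the host


def parse_vminfo(text):
    """Return ({slot: mode} for attached NICs, [NAT port-forward rules])."""
    nics, forwards = {}, []
    for line in text.splitlines():
        m = re.fullmatch(r'nic(\d+)="(\w+)"', line.strip())
        if m and m.group(2) != "none":
            nics[int(m.group(1))] = m.group(2)
        m = re.fullmatch(r'Forwarding\(\d+\)="([^"]*)"', line.strip())
        if m:  # rule format: name,proto,hostip,hostport,guestip,guestport
            forwards.append(m.group(1))
    return nics, forwards


def audit(vms, gateway):
    """Assumed policy: only `gateway` may have a bridged or NAT NIC, and a VM
    on an Internal network must have no other kind of NIC."""
    findings = []
    for name, text in sorted(vms.items()):
        nics, forwards = parse_vminfo(text)
        modes = set(nics.values())
        if name != gateway and modes & EXTERNAL:
            findings.append((name, "external NIC bypasses gateway VM"))
        if "intnet" in modes and modes != {"intnet"}:
            findings.append((name, "internal-network VM has a second path"))
        for rule in forwards:
            findings.append((name, "NAT port forward: " + rule))
    return findings


if __name__ == "__main__":
    for vm, issue in audit(SAMPLE, gateway="fw-router"):
        print(f"{vm}: {issue}")
```

On the constructed sample this reports the NAT adapter and its port-forward rule on `dmz-web` and the extra host-only adapter on `malware-test`, while the bridged `fw-router` passes.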


David
Author by

David

Updated on September 18, 2022

Comments

  • David
    David over 1 year

    I want to install Exchange 2010 on a Windows Server 2008 R2 in my virtual box v4 running on my laptop (running Windows 7). Additionally I have a Windows Phone 7 on which I want to access the Exchange installation in order to sync contacts and calendar (no email); later adding maybe Sharepoint. It should be an experimental environment.

    I have read a couple of articles on the web concerning virtualbox's networking possibilities (bridging etc.) but I didn't succeed to set it up in order that network clients which are in my 192.168.1.X Subnet (like the laptop and especially the Windows Phone) can access the virtual Server installation.

    My main problem is that I am overwhelmed with the possibilities to adjust settings.

    I don't think I can use NAT and port forwarding due to the wish to access Exchange. It would probably be better to make the Virtual Server accessible to all LAN clients in general. Moreover I want to access the server directly from the phone and not through the Laptop. (Don't know whether this is important for this issue, but Exchange requires a domain and in the future it should also be possible to access the Exchange from outside the LAN - by dyndns or something similar.)

    Here are some of my questions (brainstorming):

    • In VirtualBox: File -> Global Settings -> Network -> Host-only networks -> Virtual Box Host-Only Adapter: Needed at all? If so, which IP? Activate DHCP? If so, which DHCP IP? = IP of my router? Which range? = The router's DHCP IP range?
    • In my network adapter settings on my Laptop: VirtualBox Host-Only Network -> use DHCP? If not which IP? use automatic DNS? If not, which DNS? (Are these the same settings like in the point mentioned above?)
    • In my network adapter settings on my Laptop: Need to bridge for instance my WiFi and the VirtualBox Host-Only Network adapter? Any special adjustments needed to be applied to this Bridge? IP probably to be within 19.168.1.X.
    • In VirtualBox: In the configuration of the virtual server machine -> Network -> Adapter 1 -> Connected To: Host-only or Bridge?
    • In the virtual server network adapter settings (on Windows Server): Which IP? Use DHCP? DNS?

    Which procedure would you recommend? I feel lost in the middle of nowhere... Thanks in advance for your valuable hints!

  • David
    David about 13 years
    Thanks for this detailed explanation. I now have set up bridged networking. I can reach my router both from my hosted and from my laptop. However I cannot ping the host OS from my laptop nor my laptop from the host OS. Is that a problem? I assume laptop and hosted OS do not see each other over the network. Or am I mistaken?