1

We have a Win Server 2019 (Version 1809, OS Build 17763.1282) with Hyper-V. We want to run a number of Ubuntu VMs using the internal NAT, so we don't need separate external IPs for each VM. The steps we're using are the ones we've seen many examples of across the internet:-

New-VMSwitch –SwitchName "NATSwitch" –SwitchType Internal Get-NetAdapter (to lookup the index of the new "vEthernet (NATSwitch)" - which is 24) New-NetIPAddress –IPAddress 14.0.0.1 -PrefixLength 24 -InterfaceIndex 24 New-NetNat –Name NATNetwork –InternalIPInterfaceAddressPrefix 14.0.0.0/24

We set the properties for the VM network connection to use the NATSwitch, and then configure the VM to have static addresses - 14.0.0.1 for the gateway, and 14.0.0.2 for the VM itself. ie: /etc/netplan/00-installer-config.yaml looks like this:-

network: version: 2 ethernets: eth0: addresses: - 14.0.0.2/24 gateway4: 14.0.0.1 nameservers: addresses: [14.0.0.1]

So on the VM, ip route says:

default via 14.0.0.1 dev eth0 proto static 14.0.0.0/24 dev eth0 proto kernel scope link src 14.0.0.2

and ip a includes:

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000 link/ether 00:15:5d:1a:84:01 brd ff:ff:ff:ff:ff:ff inet 14.0.0.2/24 brd 14.0.0.255 scope global eth0 valid_lft forever preferred_lft forever inet6 fe80::215:5dff:fe1a:8401/64 scope link valid_lft forever preferred_lft forever

After booting the VM from Hyper-V, I can successfully SSH into 14.0.0.2, with Putty, but the VM does not have access to the internet, and it cannot ping 14.0.0.1. So it looks like the NAT is not doing anything to bridge the 14.0.0.x network to the main NIC on the server (which has internet access of course). From the 2019 Server, I can ping both 14.0.0.1 (itself=the gateway), and 14.0.0.2 (the VM).

We can get things to work with an external address, on our network, by creating an "external switch" in Hyper-V, connecting to that, and using DHCP to get an IP address from our domain controller for the VM's MAC address - but we'd prefer not to have to assign external IP adddresses for all the VMs.

Does anyone have any ideas what we're missing?

Improve this question
3
  • The switch type MUST be an external switch to connect to the internet, OR connect to an external switch via a virtual router. Commented Jun 26, 2020 at 15:29
  • Is that something different to what the Virtual NAT does? None of the examples we've seen eg. here mention any routing steps. (But then again, ours is not yet working, so the guides may be incomplete...) Commented Jun 26, 2020 at 15:42
  • After 2 days of frustration, and less than half an hour after posting the question, we have worked it out !! - it is to do with the Firewall settings on Win 2019. By default they prevent the virtual NAT from working. Commented Jun 26, 2020 at 16:07

1 Answer 1

Reset to default
0

The answer was that out of the box, the firewall settings on our Windows Server 2019 setup on "Guest or public networks" prevented the host from ssh-ing to any of the VMs. Turning the firewall off on that network enabled ssh, although we should configure it properly...

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.