Windows 10 pro as a NAT between two interfaces (to route VM ...

Is there a way to achieve this in win10 pro, or do I need windows server? This is annoying also because this particular vpn software isn't well ... ServerFaultisaquestionandanswersiteforsystemandnetworkadministrators.Itonlytakesaminutetosignup. Signuptojointhiscommunity Anybodycanaskaquestion Anybodycananswer Thebestanswersarevotedupandrisetothetop Home Public Questions Tags Users Unanswered FindaJob Jobs Companies Teams StackOverflowforTeams –Collaborateandshareknowledgewithaprivategroup. CreateafreeTeam WhatisTeams? Teams CreatefreeTeam Teams Q&Aforwork Connectandshareknowledgewithinasinglelocationthatisstructuredandeasytosearch. Learnmore Windows10proasaNATbetweentwointerfaces(torouteVMtraffictroughaVPNconnectiononthehost) AskQuestion Asked 3years,10monthsago Modified 2years,5monthsago Viewed 20ktimes 4 4 Ihaveawindows10prohostwithVMsrunninginHyper-V.TheVMsareonaprivateLANwiththehost.IwouldliketoprovideinternetconnectivitytotheVMs,andhavetheVMtrafficgothroughtheVPNconnectionconfiguredonthehost.TheparticularsoftwareVPN(pulsesecure)doesn'tcreateaninterfacethatis"bridgeable"withthevswitch. Myhyper-VVMsareon192.168.4.0/24,andmywindows10hosthasavirtualinterfaceon192.168.4.215/24whichIwouldliketouseasagatewayfortheVMstraffic.IwouldliketousetheroutingtablesonthewindowshosttoroutetrafficfromtheVMson192.168.4.0/24togothroughaVPNinterfaceconfiguredonthehost. InormallyprovideinternetconnectivitytoVMsbyputtingthemonaLAN,creatingavirtualinterfaceforthehostonthatsameLAN,andthenbridgingthevirtualinterfacetoaphysicalinterface(eitheraphysicalNICorawirelessNIC).Inthiscasehowever,VMtrafficwouldbypassthesoftwareVPNconfiguredonthewindowshost--IwouldliketheVMtraffictoberoutedthroughtheVPN,thesamewaythattrafficfromhostapplicationsarerouted. WhenIactivatetheVPNconnection(pulsesecure),anewvirtualinterfaceshowsuponthehost,at10.0.0.100/32,andadefaultrouteisautomaticallyaddedtothehost'sroutingtabletopointto10.0.0.100asthedefaultgateway.Thiseffectivelymakesalloftheexternaltrafficgeneratedbythewindowshostanditsdesktopapplicationsgothroughthevpninterface. Iwouldliketoconfigurethehosttore-route/forwardallincomingIPtrafficfrom192.168.4.0/24ontotheVPNinterface,possiblyNATed.NormallyIwouldbridgetheinterfacesIwanttoconnecttogether,butthisparticularvpnadapterwillrefusetobebridgedtoanything. Isthereawaytoachievethisinwin10pro,ordoIneedwindowsserver?Thisisannoyingalsobecausethisparticularvpnsoftwareisn'twellsupportedinLinux. networkingvpnnatwindows-10 Share Improvethisquestion Follow editedFeb27,2019at0:27 init_js askedMay10,2018at7:37 init_jsinit_js 21111goldbadge44silverbadges1010bronzebadges 3 1 WhyNAT,whichissomethingyouwanttoavoidifatallpossible?Thissoundslikeasimplecaseforrouting. – RonMaupin Nov19,2018at18:42 MaybeIdon'tneedNATper-se.Iwouldnormallybridgeavirtualinterface(whichisonthesameLANastheVMs)toaphysicalinterface,butthenI'dbebypassingtheVPNinterface.ThatpulsesecureVPNinterfacecan'tbebridgedtoanything,andbyvirtueoftheVPNusinga/32asitsaddress(IwishIcouldchangeit)meansIalsocan'tplaceanythinginitssubnetanduseitasagateway.ItseemedthatmyonlyoptionwastomaketheVMtrafficre-enterthehost'sroutingtable.IthoughtofNATasapotentialsolution. – init_js Nov19,2018at18:48 Right,youroutebetweennetworks.YouonlyuseNATwhenyoumust(private-to-publicoroverlappingnetworkaddressing).Bridgingiswhatyoudoonthesamenetwork,butroutingisbetweennetworks. – RonMaupin Nov19,2018at18:51 Addacomment  |  1Answer 1 Active Oldest Votes 2 I'vemanagedtogetsomethingworkingonWindows10,bycreatingaHyperVNATinterface.Ibelieveyou'llneedwindows10proforthat.Win10homedoesn'thaveHyper-V(yet). Thishasworkedquitewell: https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/user-guide/setup-nat-network CreateaNATinterfaceusingpowershellusingtheinstructionsinthelinkabove.Thereisapparentlyalimitof1suchinterfaceaccordingtothedocumentation,butonmycomputertherearecurrently2activevNATinterfaces:oneI'vecreatedmyself,andonecalledDockerNAT,whichgotcreatedbyDockerforWindows.ThisstepwillgiveyouanewvSwitch,andassignitanIPonthehost. InHyper-V,edittheVM'ssettingstoaddanewnetworkinterfaceconnectedtotheNATswitchinterfacecreatedinstep1. OntheVM,assignthenewnicastaticIPonthatNATsubnet(e.g.ipaddradddevethX192.168.0.100/24),andconfigurethedefaultgatewaytobethevSwitchIP,e.g.(routeadddefaultgw192.168.0.1ethX) Addanynameserverto/etc/resolv.conf(e.g.echo"nameserver8.8.8.8">>/etc/network/interfaces) TheeffectofusingtheNATinterfaceisthatthetrafficcomingoutofanyVMusingtheNATvSwitchwillbemasqueradedbehindthegatewayIP(192.168.0.1inmyexample),andwillbere-routedinternallyusingtheroutingtableofthewindowshost.So,whenIturnontheVPN,thiswillre-routealltheNattedtraffictotheVPNtoo. TherearemanycaseswhereIwanttoaccesstheVMfromthehostdirectly,whichtheNATmakesdifficult(everythingwillbebehind192.168.0.1).Ratherthandoingabunchofdynamicportforwarding(whichisalsopossibletoowithpowershell),I'vesimplycreatedanotherinternalnetworkbetweenthehostandtheVMthatisnotNAtted(e.g.192.168.5.0/24). Share Improvethisanswer Follow editedOct6,2019at21:30 answeredMay10,2018at8:35 init_jsinit_js 21111goldbadge44silverbadges1010bronzebadges 3 NATisakludgethatissimplyintendedtoextendthelifeofIPv4untilIPv6isubiquitous.Itisnotintendedtoreplacerouting.Ifyouhavenon-overlappingprivatenetworks,simplyroutebetweenthenetworks,notuseNAT. – RonMaupin Oct6,2019at22:00 Iagree.Butyouneedwin10server(notpro)toconfiguredecentrouting,afaik.TherouteswouldneedtobemodifiedwheneverthesoftwareVPNkicksinandouttoo.ThisNATthingissetandforget. – init_js Oct6,2019at22:03 1 Ihavedonethesamething(includingstep4)andIcanpingmyvSwitchgatewayaswellastheactualroutergatewayandanyotherIP,howeverDNSjustdoesnotwork...nslookup,dig,pingallfailmiserably:-(ItriedonFedoraandUbuntu-Iamprettysurethisisanissuewiththevmswitch – LeonardoSeccia May16,2020at19:47 Addacomment  |  YourAnswer ThanksforcontributingananswertoServerFault!Pleasebesuretoanswerthequestion.Providedetailsandshareyourresearch!Butavoid…Askingforhelp,clarification,orrespondingtootheranswers.Makingstatementsbasedonopinion;backthemupwithreferencesorpersonalexperience.Tolearnmore,seeourtipsonwritinggreatanswers. Draftsaved Draftdiscarded Signuporlogin SignupusingGoogle SignupusingFacebook SignupusingEmailandPassword Submit Postasaguest Name Email Required,butnevershown PostYourAnswer Discard Byclicking“PostYourAnswer”,youagreetoourtermsofservice,privacypolicyandcookiepolicy Nottheansweryou'relookingfor?Browseotherquestionstaggednetworkingvpnnatwindows-10oraskyourownquestion. TheOverflowBlog CelebratingtheStackExchangesitesthatturnedtenyearsoldinQ12022 Newdata:Whatmakesdevelopershappyatwork FeaturedonMeta WhatgoesintositesponsorshipsonSE? StackExchangeQ&AaccesswillnotberestrictedinRussia Related 35 Howtoroutedifferenttrafficthrudifferentnetworkinterfaces(inWindows) 1 HowtokeepgeneralinternettrafficoffWindows2008R2VPNandonlyhandleVPNtraffic? 0 AfterNAThowtosetupVPNinwindowsserver2008r2? 1 RouteVPNTrafficFromLinuxBoxToWindowsBox 1 Isitpossibletobridge/jointwoormorevritual(Hyper-V)switcheswiththesameaddressrangeoverVPN? 0 HowdoIrouteinternetdestinedtrafficthroughVPNonaServer2008boxactingasagateway? 0 OpenVPNonWindows10withoutredirect-gatewayoption,orwithoptionsjusttohandleVPNtraffic 0 HowtoroutetrafficfromhostinVPCviahostindifferentVPC HotNetworkQuestions Prepositionwithabschreiben FirefoxRestartRequired-howtodisable Visagranted,mayIaskanothervisaandconservethefirst? RandomlyRounding Semicirclevshemisphere Whatdoes"Ineeda10insilver"mean? Howtorepairleathersupportsonaslingchair? AmIallowedtoconvertsomefunctionsfromGPLv2projectanduseitincommercialproject? InteractionbetweenEsix,FractalBloomandForbiddenOrchard RejectingASigningBonus-HowToAvoidRedFlags? WhysomeFIDOsecurityfobsusekeyboardemulationmode? WhichscheduledflightisthemostimpactedbytheRussia/Ukraineairborderclosure? jwstalignedtestimageMarch16,2022-artifactremoval? Howcanhomunculibepreventedfrombeingusedasaslaveraceforhumansacrificeasopposedtoconqueredpopulations? Concurrentogr2ogrprocessingofGeoJSONusingoffset/limit WhatarecommonreasonsforUSimmigrationofficerstodenyentryinthecountry? HowcanIaddaverticalspacingina`CheckboxBar`? HowcanIinsertthebackslashcharacter(\)beforequotationmarks("")inEmacs? InterpolationFIRfilteroutputspectrum howtoprint2consecutivelinesseparatedby1blanklineintoonelineseparatedby, Whatdoestheembossedtextsayonthe"emptymilkbottle"inFallout4? Whatdoyoucallsomeonewhoisafanofjets? WhyisNasaretiringISS Shortstoryaboutaliencreaturesfleeingtheirhomeplanettoterraformanother morehotquestions Questionfeed SubscribetoRSS Questionfeed TosubscribetothisRSSfeed,copyandpastethisURLintoyourRSSreader. Yourprivacy Byclicking“Acceptallcookies”,youagreeStackExchangecanstorecookiesonyourdeviceanddiscloseinformationinaccordancewithourCookiePolicy. Acceptallcookies Customizesettings