3

I'm running windows 10 build 1809 and have hyper-v installed. I have a Linux machine running behind a NAT with internet connectivity working on IP 10.0.5.5. I basically followed instructions on the link below

https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/user-guide/setup-nat-network

When created the port mapping I called 

Add-NetNatStaticMapping -ExternalIPAddress 0.0.0.0/24 -ExternalPort 8500 -Protocol TCP -InternalIPAddress 10.0.5.5 -InternalPort 8500 -NatName YetAnotherNAT

If i try to hit http://10.0.5.5:8500 it works (page loads). If i try to hit http://127.0.0.1:8500 it doesn't work (nothing loads). Even if I try to use any of my external IPs, it doesn't work.

It's basically like the whole port forwarding is not doing anything.

Any ideas?

Get-VmSwitch returns the following

PS C:\> Get-VMSwitch

Name             SwitchType NetAdapterInterfaceDescription
----             ---------- ------------------------------
nat              Internal
Wifi             External   Intel(R) Dual Band Wireless-AC 7265
DockerNAT        Internal
Default Switch   Internal   Teamed-Interface
MyNATSwitch      Internal
YetAnotherSwitch Internal

Get-NetNat returns the following

PS C:\> get-netnat


Name                             : YetAnotherNAT
ExternalIPInterfaceAddressPrefix :
InternalIPInterfaceAddressPrefix : 10.0.5.0/24
IcmpQueryTimeout                 : 30
TcpEstablishedConnectionTimeout  : 1800
TcpTransientConnectionTimeout    : 120
TcpFilteringBehavior             : AddressDependentFiltering
UdpFilteringBehavior             : AddressDependentFiltering
UdpIdleSessionTimeout            : 120
UdpInboundRefresh                : False
Store                            : Local
Active                           : True
Mark
  • 211
  • 1
  • 4
  • 8
  • If this is on a home computer, I think it's more on-topic at https://superuser.com/ – Todd Wilcox Sep 11 '18 at 19:45
  • It's not on a home computer actually. it's on a work computer for developers but also on Azure. Tried it on both. interestingly, on Azure windows 10, it seems to work for external IP Address (10.0.1.4 for example) but not on 127.0.0.1. Are you thinking because its Windows 10, its a home use case? Would windows server behave differently? – Mark Sep 11 '18 at 20:25
  • I wasn't sure. If it had been home use, then it would have been off-topic here, but since it's for business use, you are fine. I've never done Hyper-V on Windows 10, so I don't know what differences there are. I've also never used `Add-NetNatStaticMapping` – Todd Wilcox Sep 11 '18 at 21:18
  • Wow these comments are a bit of a waste of time up to this point. My comment is: 1. Did you succeed? 2. What is output of Get-NetNatStaticMapping? – Eugene van der Merwe Mar 07 '19 at 01:08

1 Answers1

0

You're probably hitting this:

Accessing internal endpoints directly from the Host

Internal endpoints assigned to VMs or containers cannot be accessed using the external IPs / ports referenced in NAT static port mappings directly from the NAT host. From the NAT host, these internal endpoints must be addressed directly by their internal IP and ports. For instance, assume a container endpoint has IP 172.16.1.100 and is running a web server which is listening on port 80. Moreover, assume a port mapping has been created through docker to forward traffic from the host’s IP address (10.10.50.20) received on TCP port 8080 to the container endpoint. In this case, a user on the container host cannot directly access the web server using the externally mapped ports. e.g. A user operating on the container host cannot access the container web server indirectly on http://10.10.50.20:8080 . Instead, the user must directly access the container web server on http://172.16.1.100:80 .

The one caveat to this limitation is that the internal endpoint can be accessed using the external IP/port from a separate, VM/container endpoint running on the same NAT host: this is called hair-pinning. E.g. A user operating on container A can access a web server running in Container B using the internal IP and port of http://10.10.50.20:8080

Source: https://techcommunity.microsoft.com/t5/Virtualization/Windows-NAT-WinNAT-Capabilities-and-limitations/ba-p/382303

sCiphre
  • 463
  • 3
  • 6