| Author |
 Topic  |
|
|
aval
Honorable But Hopeless Addict
USA
3274 Posts
Status: offline |
 Posted - 06/09/2012 : 2:25:10 PM
|
Here are the elements of the puzzle:
- Laptop with Windows 7 SP1 host (with Windows firewall enabled, currently no exceptions).
- VMware Workstation 7.1.5
- Exchange 2007 SP3 guest (and yes, there is also a DC/GC present)
What I want:
Send email to my Exchange 2007 guest (yes, from the outside, from Gmail, etc.)
(How I configure MX records and use noip.com (etc.) to deal with the laptop's dynamically assigned IP is matter for another question).
So, I connect my laptop to the Internet.
I want to allow incoming traffic 1) only to the mailserver and 2) only on ports 25 (SMTP) and 443 (HTTPS).
It seems (it seems) that the easiest part is configuring VMware.
It looks like I map an incoming port like this:
Host port: 25 (or 443)
Type: TCP
Virtual machine address: 10.1.1.1 (for example)
Virtual machine port: 25
NAT is already configured and my guests can access the Internet.
The mailserver can actually send email to SOME outside addresses (Hotmail, for example, drops anything from a dynamic IP address).
Right now, I'm in the Windows Firewall (Advanced) of the W7-SP1 laptop and trying to designate vmnet8 (NAT network) as the only allowed destination.
Am I on the right track?
|
Edited by - aval on 06/09/2012 2:28:00 PM |
|
|
wobble_wobble
Honorable But Hopeless Addict
Ireland
4517 Posts
Status: offline |
Posted - 06/10/2012 : 07:26:57 AM
|
Are you connecting the laptop directly or if it connected through a router/ modem?
If your behind a natting device, configure the rules on that.
|
Joe
After everything that has happened during the month of Jan 07, I do believe that pigs fly backwards!
http://whatismyv6.com/ |
 |
|
|
aval
Honorable But Hopeless Addict
USA
3274 Posts
Status: offline |
Posted - 06/10/2012 : 3:37:50 PM
|
| Directly. The IP address on the laptop is from the ISP's DHCP server. |
|
|
|
wobble_wobble
Honorable But Hopeless Addict
Ireland
4517 Posts
Status: offline |
|
|
aval
Honorable But Hopeless Addict
USA
3274 Posts
Status: offline |
Posted - 06/11/2012 : 6:59:00 PM
|
Thanks Joe.
That links addresses the configuration of port forwarding in VMware Workstation.
But does that also create exceptions in the Windows Firewall of the host machine (I do not see how)?
I just tried ICS and it seemed promising, until I got to the part about 192.168.0.1 as the only possible address and the nodes having to be configured as DHCP clients. |
|
|
|
aval
Honorable But Hopeless Addict
USA
3274 Posts
Status: offline |
Posted - 06/11/2012 : 7:08:35 PM
|
| I think I might be able to do this by creating a rule in Windows Firewall (Advanced) and specify the IP address of the VMnet8 virtual NIC (that, couple with port forwarding). |
|
|
| |
Topic |
|
Allow inbound traffic to VM guest - Win firewall
