NAT & Routing
Last updated
Last updated
In this post, we will be configuring Windows Server as a NAT (Network Address Translation) router to route traffic between local LAN and the internet.
The Windows Server must have two Network Adapters, one configured for the internal local network (LAN) and another one configured to access the internet (Internet).
For this guide, we will use the test lab created in VirtualBox.
Windows Server ( two network adapter at least)
Eth1: 192.168.10.1/24 Eth2: NAT
Windows 10
Eth1: 192.168.10.100/24 GW: 192.168.10.1/24
Look at the below image for complete IP configuration details for all VMs.
Let’s install the Remote Access server role on the WS2K19-SRV02 server. Open Server Manager Console.
1. Click on Manage and select Add Role and Features.
2. On the Before you begin page, click Next.
3. Select Role-based or feature-based installation and click Next.
4. Select a server from the server pool on which you want to install the Remote Access Service role, click Next.
5. On select server roles page, select the Remote Access Services checkbox. Click Next.
6. On select features, click Next.
7. Read overview information about Remote Access Services and click Next.
8. On Select Role Service console, select the Routing checkbox to install the LAN Routing role service.
9. Click the Add Features button to add the required feature for LAN Routing. Click Next to continue.
10. Click Next on the Web Server role services page.
11. Click Install and complete the installation process.
12. Click Close to finish the installation.
13. To configure NAT and LAN routing, open the Remote and Routing Access console using the Server Manager console.
14. Click on Tools and select Routing and Remote Access.
15. Select and right-click on the local server name and then select Configure and Enable Routing and Remote Access.
16. On the welcome page, read the description, and click Next.
17. On the Configuration page, select the Network Address Translation (NAT). Click Next.
18. On the NAT Internet Connection page, select the network interface your users will use to connect to the internet. Click Next. If the network adapter doesn't show up initially, cancel the wizard and start configuring . This is a small bug where the network adapter doesn't show up initially.
19. Click Finish.
20. On Routing and Remote Access console, expand the local server name, expand IPv4. Click and Expand NAT.
21. Double-click on the LAN interface. Verify Interface type is a Private interface connected to the private network.
22. Double-click on the INTERNET interface. Verify Interface type is a Public interface connected to the Internet. Make sure that Enable NAT on this interface checkbox is selected.
To test NAT functionality, move to Windows 10 PC.
23. Open command prompt and ping to google public dns server (ping 8.8.8.8)
24. Open the web browser and access www.google.com.
25. If the user can access the www.google.com website successfully, that means NAT is working properly.
26. Click on NAT and you should see that packets have been translated.
