Building My Capture and Deployment Server – Part III – Setting up Network Address Translation

This is the third part of my series on building my capture and deployment server. In Part I, I defined the virtual machine settings I used. In Part II, I installed Windows Server 2008 R2 x64 SP1 Enterprise Edition and did initial configurations. In this part I will configure Network Address Translation to allow the virtual machines in the development network access to the internet for patching.

Configure Network Address Translation

Since I want to keep my development network separate from my home network, I will use this server as a router/NAT to enable machines in the development network out to the internet to check for updates. In order for Network Address Translation to work, you must use the Intel E1000 NICs instead of the VMXNET3 NICs. See here for details.

Before beginning the setup, I set the External and Internal NIC settings to this:

External Internal
Building My Capture and Deployment Server - Part III - 01 Building My Capture and Deployment Server - Part III - 02

Under Server Manager, right click Roles and select Add Role. Click next and select the Network Policy and Access Services role.

Building My Capture and Deployment Server - Part III - 03

Click next, and next again past the explanation to get to the Role Services screen. Here select the Routing and Remote Access Services and ensure that Routing is checked as well. Click next, and install.

Building My Capture and Deployment Server - Part III - 04

Once the install is completed, the the Network Policy and Access Services node will show up under Roles. Drill down until you get to Routing and Remote Access, right click on the node, and select Configure and Enable Routing and Remote Access.

Building My Capture and Deployment Server - Part III - 05

Click next, and selection Custom configuration. Put a check next to NAT, click next, and then finish. When prompted, start the Routing and Remote Access service.

Building My Capture and Deployment Server - Part III - 06

Expand the Routing and Remote Access node, then expand the IPv4 node. Right click on NAT and select New Interface. Here we will add the External Network first.

Building My Capture and Deployment Server - Part III - 08

Under the properties screen for the External Network interface, select Public interface connected to the Internet and check the box for Enable NAT on this interface. And click OK.

Building My Capture and Deployment Server - Part III - 9

Repeat the process for the Internal Network interface, but this time select Private interface connected to private network.

Building My Capture and Deployment Server - Part III - 10

After this, NAT should be working properly.


Series Posts

Advertisements

Posted on January 26, 2013, in Lab, STIG. Bookmark the permalink. Leave a comment.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: