RDP from external IP to KVM (WinSvr 2008)

X

xeniux

Member
Oct 6, 2010
33
0
6
Respected Proxmox Forum Users/Staff,

I had KVM installed with WinSvr2008 for my client.

As we all know that we could only use VNC to browse the KVM (WinSvr2008)

I need to connect to KVM using windows RDP and not VNC cause it is not permitted for my client to login to my Proxmox.

KVM network currently set to NAT and could browse internet from VNC.
At WinSvr2008 the configuration is DHCP and works fine if using DHCP. It is failed to accept connection/could not browsing/ping if i set the failover IP as static IP to WinSvr2008.

As far as i know that we need a static IP to connect to RDP (I had 5 failover IP that i could use to assign on the static IP)

Question :

>> How to assign static IP in current KVM so that winsvr2008 could accept the RDP request from external IP (my client)?

Is there anything related to bridging or setting eth0? if so how to set it? i saw that proxmox provide GUI to set it :
kindly take a look at this picture of Proxmox GUI for setting network : http://i.imgur.com/T6XPp9O.png

If it could not set through Proxmox GUI, any idea on how to set it on /etc/network/interfaces?

Looking forward for any though, thanks in advance for your time :)

Kind regards

Xen
 
Hello Xeniux,


As far as I understood to assign a static address directly in windows in not an option
(If "yes": simply don't use DHCP but define both static address and gateway in windows
guest).

In the qm man (type man qm) page we find:

following addresses are used:

10.0.2.2 Gateway
10.0.2.3 DNS Server
10.0.2.4 SMB Server

The DHCP server assign addresses to the guest starting from
10.0.2.15.

In other words: using the standard methods there is no possibility to assign a fix address
of your choice via DCHP.

But you can install an independent DHCP server at your PROXMOX server, bridge your windows NIC
to the PROXMOX server WAN connection and define the required IP.

The necessary steps:

- install isc-dhcp-server

- define interface (probably vmbr0) for DHCP listening in /etc/default/isc-dhcp-server

- define to be assigned address (and other DCHP options) in /etc/dhcp/dhcpd.conf

After installation you find examples in the above 2 files how to configure.

- bridge the interface

- restart windows guest

Of course, then your windows is not connected via NAT any more (NAT and public address exclude each other)

Another quite simple way would be to use vnc with an ordinary vnc client instead of web interface.

https://pve.proxmox.com/wiki/Vnc_2.0 section "Enabling Vnc 2.0 for use with old vnc clients" describes how to configure.

Best regards

Mr. Holmes
 
Hi Holmes,

Thanks alot for responding with an answer.

As i read, you recommend me to use DHCP server, which means that the IP is not fixed and could changes automatically.

I need my client to connect to the KVM, and if the IP is DHCP how could they connect? cause as i know it needs to connect to static IP.

For the VNC client, i had consider using it, but once more the VNC requires Static IP too in order for my client to connect to the KVM.

Please advice any method that is possible to make my client could connect to the KVM with RDP or VNC.

Kinda newbie on this networking thing and need some guidance.

Thank you in advance.

Kind regards

Xen
 
For the VNC, does it means i put Proxmox main IP into the VNC client in order to connect to the KVM?

Looking forward to hear from you.

Thank you

Kind regards

Xen
 
Hello xeniux,


Since I don´t know your configuration I had to make some assumptions - cannot exclude I
was wrong in some details. However, let´s assume:

* you have got 5 IP from your provider, let´s say 123.45.67.81 - 123.45.67.85

* the first address 123.45.67.81 is assigned to your WAN connection in PROXMOX server

* this is physically connected to eth0

* now you have a bridge vmbr0 which contains eth0, 123.45.67.81 is assigned to it
(can be made via PROXMOX web-gui)

* your windows kvm´s NIC is also connected to that bridge and has DHCP activated, and should get always
123.45.67.82 - it´s mac address is 55:66:77:88:99:aa


About DHCP

* DO NOT use the kvm DHCP service but install at PROXMOX server

aptitude install isc-dhcp-server

* in configuration files for this new DHCP server you have to configure:

- vmbr0 as DHCP listening interface

- subnet 123.45.67.80 with subnet 255.255.255.248 and range 123.45.67.83-85
(note: the range has no effect, but must exist in dhcpd.conf)

- assign to HW mac address 55:66:77:88:99:aa 123.45.67.82

For more details see examples in /etc/default/isc-dhcp-server, /etc/dhcp/dhcpd.conf
and ics-dhcp-server man page.

* No you have always the same IP in windows even DHCP is activated there

Solution with VNC

* windows is connected via kmv´s DHCP, the NIC is not bridged (can be done by gui)

* It has then the probably address 10.0.2.15 and cannot be connected from outside

* define vnc access as described in https://pve.proxmox.com/wiki/Vnc_2.0 section "Enabling Vnc 2.0 for use with old vnc clients", e.g.
args: -vnc 0.0.0.0:33

* connect to windows with a vnc-client using
123.45.67.81:33 (33 is the display number and leads to port 5933)

Hope this answers your questions

Best regards

Mr. Holmes
 
Hello Mr.Holmes,

Thanks alot for your detail explanation.

I had managed to access with VNC, although i wonder why the screen is small, any trick to make it full screen like RDP had?

I found that the VNC needs to connect with Proxmox main IP, is there any ways to make it connect to other Failover IP instead to Proxmox main IP?
from you example the main proxmox main ip is 123.45.67.81 and i need the vnc to connect to 123.45.67.82 or other IPs as long as it is not Proxmox main IP

For the DHCP server i had not try it, will try it once my client is not accessing the server.

Thanks again for helping me out, really appreciated

Kind regards

Xen
 
xeniux said:
I had managed to access with VNC, although i wonder why the screen is small, any trick to make it full screen like RDP had?
Xen
Click to expand...
I´m not an expert for VNC, but I don´t think so.

xeniux said:
I found that the VNC needs to connect with Proxmox main IP, is there any ways to make it connect to other Failover IP instead to Proxmox main IP?
from you example the main proxmox main ip is 123.45.67.81 and i need the vnc to connect to 123.45.67.82 or other IPs as long as it is not Proxmox main IP
Xen
Click to expand...

Yes (but there is nothing specific for kvm or so, it´s simply normal the normal linux way):

- assign the desired address as second to you existing interface, e.g.
vmbr0:X 123.45.67.82 (add an entry in /etc/network/interfaces)

- optional (if you want to avoid access attempts to PROXMOX server) allow to access via this address only the selected VNC port (5933 in the above example) via iptables

But: the PROXMOX server address is probably very close to the failover one (and can be figured out easily) therefore the method described above will not bring additional security

Best regards

Mr.Holmes
 
You must log in or register to reply here.
Top Bottom