Creating a Gateway Router on Windows Server 2016 Core

2 minute read

I seem to spin up a lot of Virtual Labs. To make sure my lab doesn’t interfere with the rest of my network, and to simulate a larger enterprise environment you should use a virtual router.

I normally use pfSense as my virtual router of choice, but decided recently to create a router on Windows Server 2016 Core.

This isn’t the first time I’ve installed or used Windows Server Core - in a previous lab I have used it for a DC but I haven’t had much experience with it. This is the first time I’ve used Windows Server for a router let alone on Core.


  • You’ve configured your Virtual Switches with one connected to your host’s network and at least one private\internal network
  • You’ve created the virtual machine with the associated NICs attached
  • You’ve installed Windows Server 2016 Core selecting the none GUI option

Setting up the server

  1. On first boot you’ll be presented with a prompt asking to configure the Administrator password.


  2. We’ll be doing most of the work in Powershell so we need to launch it.

    > Powershell.exe


  3. First lets name the computer (ignore the prompt about rebooting, we’ll do this after configuring the machine).

    > Rename-Computer -NewName GW
  4. We now want to rename the network adaptors, but to do this, we first need to find out the current names. Use the output from this to double check the MAC addresses with the NICs inside your virtualization software.

    > Get-NetIPConfiguration


  5. We then want to rename the adaptors using Rename-NetAdaptor. Using the -Name switch to pass the current names that we found in the previous step. Then use Get-NetIPConfiguration again to confirm.

    > Rename-NetAdapter -Name Ethernet -NewName External
    > Rename-NetAdapter -Name "Ethernet 2" -NewName Internal
    > Get-NetIPConfiguration


  6. Next we’ll configure and validate the internal network adaptors IP details, DNS Addresses, and disable IPv6 for both adaptors. I’m setting my DNS addresses to as this will be my DC, and as this is my external router.

    > New-NetIPAddress -InterfaceAlias Internal -IPAddress -PrefixLength 24
    > Set-DnsClientServerAddress -InterfaceAlias Internal -ServerAddresses,
    > Disable-NetAdaptorBinding -Name Internal, External -ComponentID ms_tcpip6
    > Get-NetAdaptorBinding -Name Internal, External -ComponentID ms_tcpip6
    > Get-NetIPConfiguration
    > Test-NetConnection


  7. The last step is to reboot the computer.

    > Restart-Computer

Installing and configuring the Gateway

  1. After boot, login, and launch Powershell.
  2. First, we need to enable a firewall rule used by routing.

    > Enable-NetFirewallRule -DisplayName "File and Printer Sharing (Echo Request - ICMPv4-In)"
  3. Next, we need to install the Routing Windows Feature, plus the management tools and then reboot the computer.

    > Install-WindowsFeature Routing -IncludeAllSubFeature -IncludeManagementTools
    > Restart-Computer


  4. Once rebooted, re-login and launch Powershell to install the router.

    > Install-RemoteAccess -VpnType Vpn


  5. We now need to enter a NETSH session.

    > NETSH
  6. The final step is to add some routing rules, were going to add the two interfaces, and configure the external mode.

    > routing ip nat add interface External
    > routing ip nat set interface External mode=full
    > routing ip nat add interface Internal



We can validate the config by creating a second VM with or without a GUI. Configuring the IP address inside the range with a default gateway of the GW we’ve just configured (, and the DNS address of your external router. We then use the the Test-NetConnection Powershell command to confirm external access.


Thats it, you should have now configured a Virtual Router on Windows Server 2016 Core. Let me know how it goes!

Thanks to the 2012 Core Survival Guide and Deployment Researches guides on setting up a virtual router and setting up a virtual router using powershell.