For most client applications, including Web browsers, Telnet, passive-mode FTP, and downloaded streaming video, a virtual machine on a NAT network can use any protocol using TCP or UDP if the virtual machine initiates the network connection. Additional protocol support is built into the NAT device to allow FTP and ICMP echo (ping) to work transparently through the NAT device.
On the external network, a virtual machine on the NAT network appears to be the host system because its network traffic uses the host system IP address. The virtual machine can send and receive data by using TCP/IP to any machine that is accessible from the host system.
Before any communication can occur, the NAT device must set up a map between the virtual machine address on the private NAT network and the host network address on the external network. When a virtual machine initiates a network connection with another network resource, this map is created automatically. The operation is transparent to the user of the virtual machine on the NAT network.
Network connections that are initiated from outside the NAT network to a virtual machine on the NAT network are not transparent. When a machine on the external network attempts to initiate a connection with a virtual machine on the NAT network, it cannot reach the virtual machine because the NAT device does not forward the request. You can configure port forwarding manually on the NAT device so that network traffic destined for a certain port can still be forwarded automatically to a virtual machine on the NAT network.
File sharing of the type used by Windows operating systems and Samba is possible among computers on the NAT network, including virtual machines and the host system. If you use WINS servers on your network, a virtual machine that uses NAT networking can access shared files and folders on the host system that the WINS server knows if those shared files and folders are in the same workgroup or domain.