Access Hyper-V VM Internal Networks from outside the host computer

Background:

Hyper-V VM environments are increasingly used, especially on Internal Networks, so there is a need for a way to reach external resources from them, and to reach them from outside, without changing the network configuration. For complex topologies, changing it might be too expensive or not feasible at all.

A quick yet effective solution to this problem can be implemented via configuring TCP/IPv4 routing on the VM Host box.

Scenarios:

· Need to TS from a corp machine to a VM Internal Network

· Need to join a physical box to a VM Internal Network

· Need to access a resource outside a VM Internal Network

Let’s assume the following network configuration:

1. CORP LAN

Name: corpclient1

Domain: acme.com

LAN Configuration: default (DHCP enabled)

IP: 157.59.74.c1

2. Hyper-V VM HOST

Name: vmhost1

Workgroup: workgroup1

LAN Configuration: default (DHCP enabled)

IP (External): 157.59.79.g1

LAN Configuration: static IP

IP (Internal): 192.168.1.g2

3. VM GUEST INTERNAL NETWORK

Name: vmdc1

Domain: vmad1.com

LAN Configuration: static IP

IP: 192.168.1.y

Default Gateway: 192.168.1.y

 

Name: vmguest1

Domain: vmad1.com

LAN Configuration: default (DHCP enabled)

IP: 192.168.1.g1

Topology Sample

 

Step 1: On VM HOST enable and configure Routing and Remote Access.

· Add role Network Policy and Access Services

· Select Role Services: Routing and Remote Access

· Choose Custom Configuration

· Select only LAN Routing

· Start Routing and Remote Access

Step 2: On corpclient1 add a route to the external gateway

· route add 192.168.1.0 mask 255.255.255.0 157.59.79.g1 metric 1

NOTE: If this machine is intended to be joined to a domain in the internal network:

· This route needs to be persistent (route add -p...)

· The TCP/IPv4 DNS setting needs to point to the internal network DNS server address

Step 3: On vmguest1 add a route to the internal gateway

· route add 157.59.79.0 mask 255.255.255.0 192.168.1.g2 metric 1

NOTE: This step can be avoided if the default gateway is set on the DC to 192.168.1.g2 by setting the “003 Router” parameter in the DHCP Server configuration.

Now you should be able to ping from corpclient1 to vmguest1 and vice versa, TS, etc.
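
To confirm the three steps took effect, and to see exactly what the host now forwards between the two networks, the checks below can be run. This is an added example, not part of the original post. It assumes Windows 8.1 / Server 2012 R2 or later (NetTCPIP cmdlets and Test-NetConnection); the function names are hypothetical, and every address is passed in by the reader because the post masks its host octets (g1, g2, y).

```powershell
# Added example: verification helpers for Steps 1-3 (function names are hypothetical).

function Get-HostRoutingState {
    # Run on vmhost1. Reports the Routing and Remote Access service state
    # and every IPv4 interface the IP stack marks as forwarding.
    $svc = Get-Service -Name RemoteAccess -ErrorAction SilentlyContinue
    $fwd = Get-NetIPInterface -AddressFamily IPv4 |
        Where-Object { $_.Forwarding -eq 'Enabled' } |
        Select-Object -ExpandProperty InterfaceAlias
    [pscustomobject]@{
        RrasStatus           = if ($svc) { $svc.Status } else { 'NotInstalled' }
        ForwardingInterfaces = @($fwd)
    }
}

function Test-LabRoute {
    # Run on corpclient1 (Step 2) or vmguest1 (Step 3).
    param(
        [Parameter(Mandatory)][string]$Prefix,          # e.g. '192.168.1.0/24'
        [Parameter(Mandatory)][string]$ExpectedNextHop, # host address facing this machine
        [Parameter(Mandatory)][string]$Target,          # a machine on the far network
        [int]$Port = 3389                               # TS / Remote Desktop
    )
    # Route currently in use for the prefix.
    $active = Get-NetRoute -DestinationPrefix $Prefix -PolicyStore ActiveStore `
        -ErrorAction SilentlyContinue | Select-Object -First 1
    # Route that survives a reboot (what "route add -p" creates).
    $saved = Get-NetRoute -DestinationPrefix $Prefix -PolicyStore PersistentStore `
        -ErrorAction SilentlyContinue | Select-Object -First 1
    # TCP connect test across the routed path.
    $probe = Test-NetConnection -ComputerName $Target -Port $Port `
        -WarningAction SilentlyContinue
    [pscustomobject]@{
        Prefix       = $Prefix
        NextHop      = if ($active) { $active.NextHop } else { $null }
        ViaHost      = [bool]($active -and $active.NextHop -eq $ExpectedNextHop)
        Persistent   = [bool]$saved
        Target       = $Target
        TcpReachable = $probe.TcpTestSucceeded
    }
}

# Usage, with <...> replaced by your own addresses:
#   Get-HostRoutingState
#   Test-LabRoute -Prefix '192.168.1.0/24' -ExpectedNextHop '<vmhost1 external IP>' -Target '<vmguest1 IP>'
```

If Persistent is False on a machine that is to be joined to the internal domain, the route from Step 2 will be lost at the next reboot. RRAS LAN routing forwards all traffic between the two subnets, not only TS, so any narrowing of what is reachable has to come from the Windows Firewall rules on the host and guests.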