Two VLANs to one Hyper-V server

timeshifter

There are two small organizations sharing office space, Internet and a server. They used to be one company but are slowly breaking ties and becoming independent. Right now they're all on the same network with one Windows Server. The shared files and access rights on the server are unique to each company - i.e. company A users can't access company B files for example.

I'd like to take it a step further and have them on separate subnets and / or VLANs. One of the companies has a need for several remote users VPN-ing in. I'd like to isolate them so that one company's problems don't cross over to the others.

I can easily set up a VLAN on their Meraki gateway with a new subnet. The part that I'm fuzzy on is server access. If the server was physical I think I could just install a new network adapter and assign it to the second network.

But this server is one box. It's running Windows Server 2012 R2 as a Hyper-V host and their actual server is an instance of Windows Server 2012 R2 running DC, file sharing, etc. I'm wondering if there is something I could configure on the Virtual Switch in Hyper-V to make this happen or if I'll need an extra physical network connection to make this work?
 
Thanks. I don’t do a lot of Hyper-V servers, but when I do I’ve always had difficulty with the concepts of virtual switches.
 
I've started exploring this whole thing in ESXi but haven't gotten very far. Lab work doesn't generate revenue. I'd guess many, if not most, features/functions are cross platform so to speak.

What's the physical server? Does it have more than one NIC? If so you should be able to bind each virtual instance to separate NICs.

Do the RDP sessions need access to anything other than what's on the VM?
 
Sandbox screw ups? On a technology that sits at the base of the entire Azure cloud, much less the O365 on top of it...

There's nothing immature or vulnerable about Hyper-V.
 
What's the physical server? Does it have more than one NIC? If so you should be able to bind each virtual instance to separate NICs.

Do the RDP sessions need access to anything other than what's on the VM?
Dell PowerEdge T320. It has two on-board Ethernet ports.

Not really using RDP for anything. Just use my unattended remote control client on the host.
 
VLAN carves up layer 2; IP addressing and the apps that run over those are above that stack.

As long as each VLAN has a working IP scope and a path to the internet, life is good. The only problems I see are IP renumbering; servers are often statically configured and sometimes can be a bit picky about jumping over, in particular domain controllers. But in theory, once the VLANing is good, which can operate over a single physical NIC if required, off you go.

Now, if you don't want to do VLANs and you can dedicate interfaces, you could always do that too. At least then you can VLAN on the switch itself, but there is nothing stopping you from terminating the VLANs on the host, or even passing the tagged packets on up to the VM. Though that last one requires some tinkering in PowerShell I think.
 
Like mikeroq says, create a new VM for the other company. To assign a VLAN is pretty quick in Hyper-V: just go to settings on the VM, highlight the network adapter, check the VLAN ID box and enter the right ID number.
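
The per-VM VLAN ID setting described in the reply above can also be applied and then audited from PowerShell on the Hyper-V host. This is an added example, not part of any post in the thread; the VM names and VLAN IDs are hypothetical placeholders, and it assumes one VM per company on a shared virtual switch whose uplink carries both VLANs.

```powershell
#Requires -Modules Hyper-V
# Added example. VM names and VLAN IDs are hypothetical placeholders;
# the IDs must match the VLANs defined on the gateway/switch.
$plan = @{
    'CompanyA-SRV' = 10
    'CompanyB-SRV' = 20
}

# Access mode: the virtual switch tags and untags frames, so each guest sees
# ordinary untagged Ethernet and cannot pick its own VLAN.
foreach ($vmName in $plan.Keys) {
    Set-VMNetworkAdapterVlan -VMName $vmName -Access -VlanId $plan[$vmName]
}

# Audit every VM adapter on the host against the plan. An adapter left
# untagged or in trunk mode would sit outside the intended isolation.
$findings = foreach ($s in (Get-VM | Get-VMNetworkAdapterVlan)) {
    $vm = $s.ParentAdapter.VMName
    $issue = if (-not $plan.ContainsKey($vm)) {
        'VM is not in the plan'
    } elseif ($s.OperationMode -ne 'Access') {
        "adapter is in $($s.OperationMode) mode, expected Access"
    } elseif ($s.AccessVlanId -ne $plan[$vm]) {
        "VLAN $($s.AccessVlanId), expected $($plan[$vm])"
    }
    if ($issue) {
        [pscustomobject]@{
            VM      = $vm
            Adapter = $s.ParentAdapter.Name
            Issue   = $issue
        }
    }
}

if ($findings) {
    $findings | Format-Table -AutoSize
    Write-Warning "$(@($findings).Count) adapter(s) do not match the VLAN plan."
} else {
    Write-Output 'All VM network adapters match the VLAN plan.'
}
```

Re-running the audit half after any VM is added or reconfigured shows whether an adapter has been left untagged or moved to the wrong VLAN.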
 