Solved

how can i connect two virtual machines with diff segment to vmware?

Posted on 2010-11-10
24
1,156 Views
Last Modified: 2012-05-10
hi experts,

how can i connect two virtual machines with diff segment to vmware? i have two virtual machines

 both server 2003 r2 and have different ip segment. im planning to simulate a two office network in two different locations connected via site to site tunnel.

 waiting for awesome advice. thanks
0
Comment
Question by:ragot
  • 11
  • 9
  • 4
24 Comments
 

Author Comment

by:ragot
ID: 34108459
by the way im using vmware workstation 7.1
0
 
LVL 90

Expert Comment

by:John Hurst
ID: 34108520
You would set each VM at each end in Bridged Mode in Workstation 7. Now each VM has its own IP on the local network. Now you should be able to hook them up with a VPN connection.

Now at this point, it is no different than two physical servers and you need VPN gear to connect them.

... Thinkpads_User
0
 

Author Comment

by:ragot
ID: 34108537

 how to create vpn connection on vmware?
0
 
LVL 90

Expert Comment

by:John Hurst
ID: 34108550
Once your VM's are bridged, networking is the same as for real machines. It is not particularly a VMware problem.

... Thinkpads_User
0
 
LVL 90

Expert Comment

by:John Hurst
ID: 34108573
You might also try to put the 2 VM's in NAT mode. You may have done this already. You would need to give one VM a custom NAT connection with a different subnet to the other VM.

However, now the networking is all internal and all software. I am not sure if you can connect the two subnets by VPN. I have not tried connecting two VM's on two different subnets.

... Thinkpads_User
0
 

Author Comment

by:ragot
ID: 34108597

 hmmm thanks for the answers.. but i really need to do a test on joining my DC to main office DC
0
 
LVL 90

Expert Comment

by:John Hurst
ID: 34108603
Here is one guide:

http://www.homenethelp.com/vpn/

here is another:

http://www.aeonity.com/frost/howto-windows-xp-vpn-server-setup

Look up "software vpn server" on Google and there is lots of information.

... Thinkpads_User
0
 
LVL 28

Expert Comment

by:bgoering
ID: 34114101
Are you trying to simulate a Microsoft Routing and RAS setup in a virtual environment? If so I would use a virtual router such as Vyatta, PFSense, or Monowall (http://m0n0.ch) to route between the two networks. That could be done entirely within the confines of a VMware Workstation or ESX/ESXi server environment.

Let me know if this is what you are attempting and I can provide more details.

Good Luck
0
 

Author Comment

by:ragot
ID: 34117075

 yes bgoering im simulating that. im planning to simulate the following scenario:

 2 Domain controllers ( Domain A and B ) - different subnet and location

 demoting Domain A and joining it to Domain B.
0
 
LVL 28

Expert Comment

by:bgoering
ID: 34117106
The solution I posted with the virtual router should work for you then. For ease of use I prefer monowall myself - it is technically a firewall, but can route between network segments and provide outside access over the monowall "WAN" interface. Download the virtual appliance for monowall and take a look.
0
 

Author Comment

by:ragot
ID: 34117242

 i already downloaded monowall and loaded it into vmware. how can i use it? thanks
0
 
LVL 28

Accepted Solution

by:
bgoering earned 500 total points
ID: 34117345
Your Workstation 7.x should have 3 virtual networks out of the box, Bridged, host-only, and NAT. I would go into  Edit - Virtual Network Editor and create another host-only network on vmnet2.

On the monowall appliance, add a 3rd virtual nic - then hook them up as follows:
virtual nic 1 - host-only on vmnet1 - this will be LAN interface on monowall
virtual nic 2 - bridged - this will be WAN interface on monowall
virtual nic 3 - host-only on vmnet2 - this will be OPT1 interface on monowall

Put one of your vms on host-only vmnet1, configure IP, subnet, and gateway - doesn't make a lot of difference at this point what range you use - for example
192.168.30.2, mask 255.255.255.0, gateway 192.168.30.1 - this gateway address is what you will configure the LAN IP address on the monowall

put the other vm on host-only vmnet2, configure IP, subnet, and gateway - doesn't make a lot of difference at this point what range you use - for example
192.168.40.2, mask 255.255.255.0, gateway 192.168.40.1 - this gateway address is what you will later configure the OPT1 IP address on the monowall

On first bootup of the monowall you will associate the nics with networks - all you will be able to see is the mac address of the nics, but it will find them in order, so the first one will be LAN, 2nd will be WAN, and 3rd will be OPT1 - you can see the mac addresses in edit settings on the vm to verify. Also select the function to assign the LAN IP and give it 192.168.30.1 if using the addresses in this example.

Go to your web browser for your "LAN" vm and open a session to 192.168.30.1 - from there you have a browser based configuration to walk you through the rest. You will need to give an IP of 192.168.40.1 to the OPT1 interface. If you have DHCP on your LAN you can leave the WAN interface set as DHCP, otherwise give it a static IP appropriate to your LAN.

Configure firewall rules on the LAN and OPT1 interfaces to permit any source, any destination, and any protocol.

At this point it will be functioning as a router allowing all traffic between your two vms -  you should be able to ping back and forth between your vms as well as do the dcpromo stuff you want to test. You should also be able to access other machines on your hosts network and on the Internet through the default NAT rules that installed. You will for sure from the "LAN" vm - can't remember if a new setup has the default NAT rule for the OPT1 interface.

Have fun
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 

Author Comment

by:ragot
ID: 34117590

 thanks for the instructions. just to clarify, on the monowall you want me to create VLANs? when i tried i cannot get into vmnet2. i configured vmnet2 into virtual network editor with 192.168.3.0 as subnet ip. am i correct with what i did?
0
 
LVL 28

Expert Comment

by:bgoering
ID: 34118237
I wouldn't use VLANs - just do it like I said. For VLANs to work you need a switch that can pass tagged frames and to be able to pass them through to your VM. While this is possible on ESX and ESXi I don't believe it can be done on workstation.
0
 

Author Comment

by:ragot
ID: 34118637

 thanks. on the monowall how can i add a 3rd virtual nic? im stuck on commandline
0
 
LVL 28

Expert Comment

by:bgoering
ID: 34119755
Go into Edit Settings on the vm. Click add, then select virtual NIC. You will have to rerun the Interface assignment (number 1 on the vm console) step again to utilize the NIC. It should have been created before the first boot.
0
 

Author Comment

by:ragot
ID: 34160954

 thanks a lot, im now at monowall GUI. how can i do again your step below ( bold letters ): i cannot find OPT1 interface

Go to your web browser for your "LAN" vm and open a session to 192.168.30.1 - from there you have a browser based configuration to walk you through the rest. You will need to give an IP of 192.168.40.1 to the OPT1 interface. If you have DHCP on your LAN you can leave the WAN interface set as DHCP, otherwise give it a static IP appropriate to your LAN.

 
0
 

Author Comment

by:ragot
ID: 34161132

 ok i can ping 192.168.40.2 now :) but i cannot ping 192.168.30.2 i have assigned the rules on LAN and OPT1 interfaces
0
 
LVL 28

Expert Comment

by:bgoering
ID: 34161142
After you added the third NIC to the vm, you needed to rerun the Interfaces: assign network ports from the vm console (option 1). It should recognize 3 nics - first will be LAN, 2nd WAN, 3rd will create OPT1

after that it will show up in web configuration gui
0
 
LVL 28

Expert Comment

by:bgoering
ID: 34161169
If you have created rules to allow all traffic on both LAN and OPT1 - double check your nic bindings to vmnet1 and vmnet2 and bridged are on the correct monowall interfaces. Take a look at the mac addresses to make sure you have the right one in the right place.

You can see the mac addresses on the monowall under status-interfaces towards the bottom of the menu on the left. You can see the macs on the vm edit settings screen when you select the nic
0
 
LVL 28

Expert Comment

by:bgoering
ID: 34161174
also make sure your vms are bound the correct place, one will be on host-only, the other on custom-vmnet2
0
 

Author Comment

by:ragot
ID: 34161244

 bgoering: thanks a lot! you're awesome! i can now ping back and forth on 2 VMs. now i can proceed to demoting AD of one domain and joining it to another domain.

 can i ask question related to demoting and rejoining domain here?
0
 
LVL 28

Expert Comment

by:bgoering
ID: 34161258
You should post it as a new question in the appropriate Windows OS group - if you want to post a link to the new question in this thread I will try to follow up - but I will be off to bed soon here.

Glad you got it going
0
 

Author Closing Comment

by:ragot
ID: 34161316
Thanks a lot!
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

When we have a dead host and we lose all connections to the ESXi, and we need to find a way to move all VMs from that dead ESXi host.
This article will show you how to create an ISO CD-ROM/DVD-ROM image (*.iso), and MD5 checksum signature, for use with VMware vSphere Hypervisor 6.5 (ESXi 6.5). It's a good idea to compare checksums, because many installations fail because of a corr…
Teach the user how to configure vSphere Replication and how to protect and recover VMs Open vSphere Web Client: Verify vsphere Replication is enabled: Enable vSphere Replication for a virtual machine: Verify replicated VM is created: Recover replica…
Teach the user how to use vSphere Update Manager to update the VMware Tools and virtual machine hardware version Open vSphere Client: Review manual processes for updating VMware Tools and virtual hardware versions: Create a new baseline group in vSp…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now