how can i connect two virtual machines with diff segment to vmware?

hi experts,

how can i connect two virtual machines with diff segment to vmware? i have two virtual machines

 both server 2003 r2 and have different ip segment. im planning to simulate a two office network in two different locations connected via site to site tunnel.

 waiting for awesome advice. thanks
ragotAsked:
Who is Participating?
 
bgoeringConnect With a Mentor Commented:
Your Workstation 7.x should have 3 virtual networks out of the box, Bridged, host-only, and NAT. I would go into  Edit - Virtual Network Editor and create another host-only network on vmnet2.

On the monowall appliance, add a 3rd virtual nic - then hook them up as follows:
virtual nic 1 - host-only on vmnet1 - this will be LAN interface on monowall
virtual nic 2 - bridged - this will be WAN interface on monowall
virtual nic 3 - host-only on vmnet2 - this will be OPT1 interface on monowall

Put one of your vms on host-only vmnet1, configure IP, subnet, and gateway - doesn't make a lot of difference at this point what range you use - for example
192.168.30.2, mask 255.255.255.0, gateway 192.168.30.1 - this gateway address is what you will configure the LAN IP address on the monowall

put the other vm on host-only vmnet2, configure IP, subnet, and gateway - doesn't make a lot of difference at this point what range you use - for example
192.168.40.2, mask 255.255.255.0, gateway 192.168.40.1 - this gateway address is what you will later configure the OPT1 IP address on the monowall

On first bootup of the monowall you will associate the nics with networks - all you will be able to see is the mac address of the nics, but it will find them in order, so the first one will be LAN, 2nd will be WAN, and 3rd will be OPT1 - you can see the mac addresses in edit settings on the vm to verify. Also select the function to assign the LAN IP and give it 192.168.30.1 if using the addresses in this example.

Go to your web browser for your "LAN" vm and open a session to 192.168.30.1 - from there you have a browser based configuration to walk you through the rest. You will need to give an IP of 192.168.40.1 to the OPT1 interface. If you have DHCP on your LAN you can leave the WAN interface set as DHCP, otherwise give it a static IP appropriate to your LAN.

Configure firewall rules on the LAN and OPT1 interfaces to permit any source, any destination, and any protocol.

At this point it will be functioning as a router allowing all traffic between your two vms -  you should be able to ping back and forth between your vms as well as do the dcpromo stuff you want to test. You should also be able to access other machines on your hosts network and on the Internet through the default NAT rules that installed. You will for sure from the "LAN" vm - can't remember if a new setup has the default NAT rule for the OPT1 interface.

Have fun
0
 
ragotAuthor Commented:
by the way im using vmware workstation 7.1
0
 
JohnBusiness Consultant (Owner)Commented:
You would set each VM at each end in Bridged Mode in Workstation 7. Now each VM has its own IP on the local network. Now you should be able to hook them up with a VPN connection.

Now at this point, it is no different than two physical servers and you need VPN gear to connect them.

... Thinkpads_User
0
Cloud Class® Course: C++ 11 Fundamentals

This course will introduce you to C++ 11 and teach you about syntax fundamentals.

 
ragotAuthor Commented:

 how to create vpn connection on vmware?
0
 
JohnBusiness Consultant (Owner)Commented:
Once your VM's are bridged, networking is the same as for real machines. It is not particularly a VMware problem.

... Thinkpads_User
0
 
JohnBusiness Consultant (Owner)Commented:
You might also try to put the 2 VM's in NAT mode. You may have done this already. You would need to give one VM a custom NAT connection with a different subnet to the other VM.

However, now the networking is all internal and all software. I am not sure if you can connect the two subnets by VPN. I have not tried connecting two VM's on two different subnets.

... Thinkpads_User
0
 
ragotAuthor Commented:

 hmmm thanks for the answers.. but i really need to do a test on joining my DC to main office DC
0
 
JohnBusiness Consultant (Owner)Commented:
Here is one guide:

http://www.homenethelp.com/vpn/

here is another:

http://www.aeonity.com/frost/howto-windows-xp-vpn-server-setup

Look up "software vpn server" on Google and there is lots of information.

... Thinkpads_User
0
 
bgoeringCommented:
Are you trying to simulate a Microsoft Routing and RAS setup in a virtual environment? If so I would use a virtual router such as Vyatta, PFSense, or Monowall (http://m0n0.ch) to route between the two networks. That could be done entirely within the confines of a VMware Workstation or ESX/ESXi server environment.

Let me know if this is what you are attempting and I can provide more details.

Good Luck
0
 
ragotAuthor Commented:

 yes bgoering im simulating that. im planning to simulate the following scenario:

 2 Domain controllers ( Domain A and B ) - different subnet and location

 demoting Domain A and joining it to Domain B.
0
 
bgoeringCommented:
The solution I posted with the virtual router should work for you then. For ease of use I prefer monowall myself - it is technically a firewall, but can route between network segments and provide outside access over the monowall "WAN" interface. Download the virtual appliance for monowall and take a look.
0
 
ragotAuthor Commented:

 i already downloaded monowall and loaded it into vmware. how can i use it? thanks
0
 
ragotAuthor Commented:

 thanks for the instructions. just to clarify, on the monowall you want me to create VLANs? when i tried i cannot get into vmnet2. i configured vmnet2 into virtual network editor with 192.168.3.0 as subnet ip. am i correct with what i did?
0
 
bgoeringCommented:
I wouldn't use VLANs - just do it like I said. For VLANs to work you need a switch that can pass tagged frames and to be able to pass them through to your VM. While this is possible on ESX and ESXi I don't believe it can be done on workstation.
0
 
ragotAuthor Commented:

 thanks. on the monowall how can i add a 3rd virtual nic? im stuck on commandline
0
 
bgoeringCommented:
Go into Edit Settings on the vm. Click add, then select virtual NIC. You will have to rerun the Interface assignment (number 1 on the vm console) step again to utilize the NIC. It should have been created before the first boot.
0
 
ragotAuthor Commented:

 thanks a lot, im now at monowall GUI. how can i do again your step below ( bold letters ): i cannot find OPT1 interface

Go to your web browser for your "LAN" vm and open a session to 192.168.30.1 - from there you have a browser based configuration to walk you through the rest. You will need to give an IP of 192.168.40.1 to the OPT1 interface. If you have DHCP on your LAN you can leave the WAN interface set as DHCP, otherwise give it a static IP appropriate to your LAN.

 
0
 
ragotAuthor Commented:

 ok i can ping 192.168.40.2 now :) but i cannot ping 192.168.30.2 i have assigned the rules on LAN and OPT1 interfaces
0
 
bgoeringCommented:
After you added the third NIC to the vm, you needed to rerun the Interfaces: assign network ports from the vm console (option 1). It should recognize 3 nics - first will be LAN, 2nd WAN, 3rd will create OPT1

after that it will show up in web configuration gui
0
 
bgoeringCommented:
If you have created rules to allow all traffic on both LAN and OPT1 - double check your nic bindings to vmnet1 and vmnet2 and bridged are on the correct monowall interfaces. Take a look at the mac addresses to make sure you have the right one in the right place.

You can see the mac addresses on the monowall under status-interfaces towards the bottom of the menu on the left. You can see the macs on the vm edit settings screen when you select the nic
0
 
bgoeringCommented:
also make sure your vms are bound the correct place, one will be on host-only, the other on custom-vmnet2
0
 
ragotAuthor Commented:

 bgoering: thanks a lot! you're awesome! i can now ping back and forth on 2 VMs. now i can proceed to demoting AD of one domain and joining it to another domain.

 can i ask question related to demoting and rejoining domain here?
0
 
bgoeringCommented:
You should post it as a new question in the appropriate Windows OS group - if you want to post a link to the new question in this thread I will try to follow up - but I will be off to bed soon here.

Glad you got it going
0
 
ragotAuthor Commented:
Thanks a lot!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.