Solved

Networking issues with Virtual SBS 2011 deployed in Hyper-V

Posted on 2013-05-29
6
873 Views
Last Modified: 2014-11-12
Hi experts,

I'd like to have SBS 2011 virtually deployed on a 2008R2 Hyper-v server.

I have 1 static IP address for remote access to hyper-v server, and I'd like to use it as the external ip address for SBS as well (Exchange, Sharepoint, etc.)

Please give me heads up on how to make this setup?

I'm able to get SBS connected to internet (via External network type), but it gets 192.168.137.2 IP address. Also, SBS might require a router as a default gateway with internal network address.

Regards,
Janibek.
0
Comment
Question by:Janibek
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 
LVL 77

Accepted Solution

by:
Rob Williams earned 500 total points
ID: 39205879
SBS will only support a single NIC and single IP, and that IP must be in a private IP range.  You would crate the SBS VM using the default Hyper-V NIC, the virtual switch,  in the VM set up, which would use a Private IP.  This IP needs to be a static IP and would be in the same subnet as the hyper-V host.

Then on your router you forward the appropriate ports (25, 443, & 987) to the private IP of the SBS, the same as you would do for a physical machine.

Only SBS 2003 supported a 2 NIC configuration with one being a public IP assigned to the SBS and a direct internet connection.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 39205892
Perhaps in re-reading I may have misunderstood
>>"I have 1 static IP address for remote access to hyper-v server"
You just forward the appropriate services to each internal private IP.  The hyper-v and SBS will be different.  I assume your current access is using rdp (port 3389)?  There are security risks with using that port but it is not necessary for SBS so forward 25, 443, and 987 to the SBS IP and 3389 to the hyper-v IP.
0
 

Author Comment

by:Janibek
ID: 39217907
RobWill,

many thanks for your input, it is highly appreciated!

I ended up connecting SBS to Internet using Routing and Remote access on the Hyper-V host and an Internal type of Virtual NIC.

This scheme was chosen just because I needed a router simulation, and proper port forwarding for exchange and other services -- I had issues configuring the Hyper-V External NIC.

In my opinion, Routing and Remote Access is a little bit easier way for this particular situation. Thus, I'm awarding half the points.

Regards,
Janibek.
0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 
LVL 77

Expert Comment

by:Rob Williams
ID: 39217918
Where did you get your Hyper-V license?  If it is the one that comes with SBS it is a licensing violation to install any roles other than Hyper-V on the host, such as RRAS.  Any of the Hyper-V licenses that you get as part of an O/S or the free version can only be used as hyper-V hosts.  There are also security concerns with having direct access to your host.  Personally I would be a little concerned about the configuration, but glad to hear you have it working.
0
 

Author Comment

by:Janibek
ID: 39217937
This was a lab environment. The main goal is to have a bunch of SBS running on Hyper-V server. Hyper-V is deployed on Windows 2008R2 Standard, so I suppose that wouldn't be a license violation.

Could you please get into some details about the security concerns?
In general, the firewall is turned on on the Host, I'm only forwarding ports such as SMTP, FTP, HTTP, etc. to the VM.

In the future, I'm planning to add more static external IPs. Would it be possible to assign them via RRAS to a VM and route all traffic coming on that IP (and still have only single NIC)?

Many thanks, man
0
 
LVL 77

Assisted Solution

by:Rob Williams
Rob Williams earned 500 total points
ID: 39217960
>>"Hyper-V is deployed on Windows 2008R2 Standard"
SBS comes with a 2008 R2 license to be used as a hyper-V host.  If that is the license it is not allowed.  If an independent license, which is unusual because of the cost, it would be allowed.  In a lab environment it might be forgiven.

As for security it is always best to have a perimeter device such as a router between the Internet and a server.  RRAS has a feature called a firewall but it is just basic NAT, there is no other protection at all.  In addition you try to avoid direct connections to your key servers such as Domain Controllers and Virtual Hosts.   If it is a lab you may not be as concerned as in a production environment.

Assigning multiple IP's to a single NIC is called multi-homering and Windows doesn't handle it very well.   Usually you would have a router that will do 1 to 1 NAT, multiple NICs on the server, and map 1 IP to each NIC, however that is not something with which I am overly familiar.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Nowadays, Virtual Machines are used equally by small and large scale organizations. However the issue is that VMDK files are also prone to corruption. So, in this article we are looking at how to recover VMDK files from hard disk of host operating s…
Veeam Backup & Replication has added a new integration – Veeam Backup for Microsoft Office 365.  In this blog, we will discuss how you can benefit from Office 365 email backup with the Veeam’s new product and try to shed some light on the needs and …

737 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question