[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 783
  • Last Modified:

Connect internet to VMware vLAN - RRAS

Hi, I have cloned some VMs from our production network 'prod' and have placed the cloned VMs into a private vLAN so they are isoloted and will not interfere with anything in production.

This is working well, however i now have a requirement to download product updates from the web on my cloned VMs - which are in the 'private' vLAN with no web access.

I have spun up a Server 2003 box and installed Routing and Remote Access.

Can someone please walk me through the correct config to use RAS to bridge the 2 vLANs and supply my cloned machines with web access.

prod network 172.16.4.0/22 default gateway 172.16.4.253
private network 172.16.4.0/22

thanks
0
fieldj
Asked:
fieldj
  • 5
  • 4
  • 3
1 Solution
 
Aaron TomoskyTechnology ConsultantCommented:
Are the vlans setup in your router? Why can't you just allow Internet from there? What kind of router do you have?
0
 
Aaron TomoskyTechnology ConsultantCommented:
You cal also attach another nic to your vm that can get out and delete it when you're done
0
 
gheistCommented:
You can add home router software like openwrt between VLANs..
0
Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

 
fieldjAuthor Commented:
So the 'private' network is a virtual network which is a replica the 'prod' (production) network.  It is a isolated vLAN.

The Server 2003 box running Routing and Remote Access has a NIC from each vLAN, prod and private.

I want this box to become a gateway between my production 'prod' network and the 'private' network (therefore allowing the cloned VMs placed in the private network vLAN to be identical to those in prod - i.e. I don't want to add a NIC to the cloned VMs)
0
 
gheistCommented:
NAT as from home router software seems to fullfill update access while not granting unneded access to isolated machines...
0
 
fieldjAuthor Commented:
Thanks Gheist, can you explain, add links for software please?
0
 
fieldjAuthor Commented:
I found this article, this is pretty much what I am trying to achieve however my VLANs are the same IP range
http://blogs.msdn.com/b/canberrapfe/archive/2013/04/23/routing-traffic-between-subnets-in-your-hyper-v-lab.aspx
0
 
gheistCommented:
Software download:
http://downloads.openwrt.org/backfire/10.03.1/x86_generic/
It needs two e1000 adapters, and one in "isolated" network will be one that you can use for configuration (like home router setup you know)
Start with beginners guide:
http://wiki.openwrt.org/doc/start
You need to enable NAT and set "isolated" IP address to where gateway was... And use one IP in not isolated network.
That way they all can connect out but nobody can connect in
0
 
Aaron TomoskyTechnology ConsultantCommented:
If you want something fun and interesting check out pfsense
https://pfsense.org/download/index.html

Not knocking rras, just never used it so I can't really help with that.
0
 
fieldjAuthor Commented:
Sorry I require a Windows based solution
0
 
Aaron TomoskyTechnology ConsultantCommented:
Microsoft points you here:
http://technet.microsoft.com/en-us/library/dd469630.aspx
Here is a blog with screenshots that uses it to tie wlan to lan, same thing you are doing with vlans
http://shannonbray.wordpress.com/2010/05/25/configuring-rras-for-windows-server-2008-r2/
0
 
fieldjAuthor Commented:
When i bridged the connections (NICs in the different vLANs) i got a duplicate IP address on the network.  
I abandoned this approach as the side effects of getting the config wrong causes severe problems on the production network.  I have implemented another solution, which was to present a new default gateway.
Thanks for all your comments
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 5
  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now