Hyper-V networking.....

[Phrik]

......so, I want to setup a VM in Hyper-V with a Server 2012 host, but for this one specific VM I would like to give it internet-only access, no LAN access absolutely none, if possible can't even ping another VM or physical machine in my network, and I don't even want it to be able to access the host either, I only have a simple RT-AC66U router and some home/commercial grade switches so VLANs are out of the question, prefer not to use the DMZ as I'm horrible at securing a VM or network. Practically, I'm not networking specialist.

I'm aware that in this scenario, I would only be able to manage that VM over the internet or directly from the host console.

I have a few small VMs running on my current server.

Any of yous might have a suggestion/advise/ideas on how I can do this ? I've done a bit of research, and none would work or fit the bill, like VLANs, NATs on host with internal Vswitch.

The only other option I have requires running a second home router (preferably non-WIFI router, but can't find one), and adding another set of cable through the walls to the server and a separate dedicated NIC for the virtual switch. All this means more expenses for one VM.

Cheers !

 

[Child of Wonder]

Hyper-V 2012 R2 has VM level ACLs you can try that.

 

[Child of Wonder]

https://www.petri.com/what-are-hyper-v-extended-port-acls-2

 

[Phrik]

Hmmmmm.... was looking for more of a plug and play thing Or nothing that involves command line configuration or firewall settings, as I will eventually forget this.

 

[Child of Wonder]

It works but it's not a pretty GUI solution. However, for segregating traffic of VMs on the same broadcast domain you're going to need something that interfaces with the vSwitch on the host and that leaves you with the ACLs, a Nexus 1000v using ACLs, or 5Nine Cloud Security, the latter two are paid solutions.

If you work with Hyper-V and don't know how to script with Powershell, now's the time to start learning.