Category Archives: HyperV

Using Vyatta Router device in HyperV (Part 5)

OK, so that wasn’t the last entry on Vyatta.
 
 
This version of SBS (codenamed Aurora) is quite similar to Windows Home Server. As such, it does not appear to run a DHCP Server service by default, so the DHCP Server service needs to be configured on the Vyatta router. Three command lines will do the trick.
 
set service dhcp-server shared-network-name ETH1_POOL subnet 192.168.100.0/24 start 192.168.100.100 stop 192.168.100.199  <<name the range, set the subnet, then give the starting and ending addresses for the leases
  
set service dhcp-server shared-network-name ETH1_POOL subnet 192.168.100.0/24 default-router 192.168.100.15 <<set the default router
set service dhcp-server shared-network-name ETH1_POOL subnet 192.168.100.0/24 dns-server 12.34.56.100 <<set the default DNS server
 

Using Vyatta Router device in HyperV (Part 4)

The final part of this series is to configure the router to enable port forwarding to the internal server. In the Vyatta documentation, this is called Destination NAT (One-to-One).
 
For an SBS 2003 or SBS 2008 installation, the following ports need to be forwarded to the server – 25 (SMTP), 443 (HTTPS), 4125 (RWW on SBS2003), 987 (RWW on SBS2008). Additionally, one could forward port 3389 (Remote Desktop) if direct terminal access is required.
 
The command sequence to set up port forwarding for a port (e.g. SMTP) is as follows:
set service nat rule 10 description NAT_SMTP  << give it a number and a name
set service nat rule 10 inbound-interface eth0  <<the external NIC
set service nat rule 10 destination port smtp  <<can also use the port number – 25
set service nat rule 10 inside-address address 192.168.100.202  <<the IP of your internal server
set service nat rule 10 protocol tcp  <<the Vyatta manual incorrectly states “protocols”
set service nat rule 10 type destination
 
Repeat the above, changing the rule number, name, and port number/name.
 
That’s it. Once the router is set up, it will bridge the private network in HyperV to the external LAN, which will enable testing of the SBS environment apart from the live production network.
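Repeating the rule by hand for every port is error-prone, so the sequence can be generated instead. The script below is an added example, not part of the original post or the Vyatta documentation; the helper name gen_forwards, the WITH_FW switch and the rule numbering in steps of 10 are assumptions. With WITH_FW=1 it also prints accept rules for the optional ALLOW_ESTABLISHED rule set from Part 3, matching the inside address because Vyatta applies the inbound firewall after destination NAT.

```shell
#!/bin/sh
# Added example: print the Vyatta "set" commands for several port forwards.
# Interface and server IP are the post's values; everything else is assumed.
EXT_IF=eth0                 # external NIC
SERVER=192.168.100.202      # internal SBS server
FW_SET=ALLOW_ESTABLISHED    # optional rule set from Part 3 (its rule 10 is taken)

# gen_forwards NAME:PORT ...  (hypothetical helper)
# Prints one destination NAT rule per entry, numbered 10, 20, 30, ...
# With WITH_FW=1 it also prints a firewall accept rule for each port.
gen_forwards() {
    rule=10
    for entry in "$@"; do
        name=${entry%%:*}
        port=${entry##*:}
        # Accept only a decimal port number in the range 1-65535.
        case $port in
            ''|*[!0-9]*) echo "bad port: $entry" >&2; return 1 ;;
        esac
        if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
            echo "bad port: $entry" >&2; return 1
        fi
        echo "set service nat rule $rule description NAT_$name"
        echo "set service nat rule $rule inbound-interface $EXT_IF"
        echo "set service nat rule $rule destination port $port"
        echo "set service nat rule $rule inside-address address $SERVER"
        echo "set service nat rule $rule protocol tcp"
        echo "set service nat rule $rule type destination"
        if [ "${WITH_FW:-0}" = 1 ]; then
            # The inbound firewall runs after destination NAT, so the rule
            # matches the inside address, not the router's external IP.
            fw=$((rule + 10))
            echo "set firewall name $FW_SET rule $fw action accept"
            echo "set firewall name $FW_SET rule $fw protocol tcp"
            echo "set firewall name $FW_SET rule $fw destination address $SERVER"
            echo "set firewall name $FW_SET rule $fw destination port $port"
        fi
        rule=$((rule + 10))
    done
}

# Ports the post lists for SBS 2008; paste the output in configure mode, then commit.
gen_forwards SMTP:25 HTTPS:443 RWW:987
```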
 

Using Vyatta Router device in HyperV (Part 3)

Now that the Vyatta router is in place, we need to configure it to act as a firewall and to handle traffic properly.
Once you have logged in to the router, it is a matter of entering a series of commands. These commands are set off by the initial command – configure.
When the series of commands is complete, a commit command must be executed to commit the changes, and exit will drop back to the command line.
 
To set up the NICs on the router, use the following commands. I am assuming that my LAN has an IP range of 192.168.200.0/24 and the Virtual Private LAN is set to 192.168.100.0/24.
set interfaces ethernet eth0 address 192.168.200.2/24  <<External IP 
set interfaces ethernet eth1 address 192.168.100.15/24  <<Internal IP
 
You should also set up a DNS entry and gateway so that the router can forward all requests out via your LAN gateway.
set system name-server 12.34.56.100
set system gateway-address 192.168.200.1
 
To configure the NAT functionality, use the following commands:
set service nat rule 1 source address 192.168.100.0/24  <<the internal LAN
set service nat rule 1 outbound-interface eth0  <<going out via the external NIC
set service nat rule 1 type masquerade
 
To configure the firewall to block all incoming traffic, use the commands below. Note: Since this is a test LAN and you have an external router, there isn’t a need to set this up, as it adds complexity to the setup of port forwarding in the next section.
set firewall name ALLOW_ESTABLISHED
set firewall name ALLOW_ESTABLISHED rule 10
set firewall name ALLOW_ESTABLISHED rule 10 action accept
set firewall name ALLOW_ESTABLISHED rule 10 state established enable
set interfaces ethernet eth0 firewall in name ALLOW_ESTABLISHED
set interfaces ethernet eth0 firewall local name ALLOW_ESTABLISHED
 
Next step – Setting up port forwarding for SBS 2003 and 2008.

Using Vyatta Router device in HyperV (Part 2)

To Install the Vyatta Router, do the following:
 
Create a new Virtual Device with the following settings.

The hard drive needs only to be a 1GB drive.

You will need two Legacy Network Adapters. Remove the default Network Adapter, as Vyatta will not recognize it, and install two Legacy Network Adapters. One should be connected to the external network, and the other will be connected to the Private Virtual Network.

Insert the Vyatta ISO into the CDROM and start the Virtual Machine.

At the login prompt, type the login user and password. Both are vyatta.

Type install-system to begin the installation.

Answer most of the next few questions with the default answer.

You have to answer Yes to the confirm format of the drive.

Press Enter to copy the default configuration file to the system.

Type in a new administrator password of your choice.

Eject the ISO and it is all ready to go.

The next part will take you through a basic and quick set up to configure the system as a router and basic firewall.

Using Vyatta Router device in HyperV (Part 1)

I run Windows 2008 Server HyperV so that I can deploy my primary SBS 2008 Server, and also to host various test servers. In testing another SBS server, you can set up a Virtual Private Network. However, one of the challenges is to expose this server to the live network to simulate a real world environment using a router.
 
Vyatta (www.vyatta.com) produces an Open Source network appliance which can be configured as a router to bridge the Virtual Private Network to the Live Network, thus creating a real life scenario for the test environment.
 
The main download for the product is Vyatta Core 6.0 LiveCD which can be downloaded here as an ISO – http://www.vyatta.com/downloads/swdl.php
All the documentation for the product can be found here – http://www.vyatta.com/downloads/docdl.php
 
I will blog shortly about how to set up the router in HyperV.