Category Archives: HyperV

Hyper-V virtual machines may not start, and you receive an error: “‘General access denied error’ (0x80070005)”

The error above happened to me today when setting up a new Virtual Machine on a brand new HyperV Server running on Windows Server 2008 R2 Exterprise.

Microsoft Support have a Knowledge Base article on this here –

Basically, the fix is to copy the Virtual Machine ID and run the icacls command from an elevated command prompt.

eg. icacls “E:\VMs\VMName\Disk0.vhd” /grant “NT VIRTUAL MACHINE\5FC5C385-BD98-451F-B3F3-1E50E06EE663”:F

Using Vyatta Router device in HyperV (Part 5)

OK, so that wasn’t the last entry on Vyatta.
This version of SBS (codenamed Aurora), is quite similar to Windows Home Server. As such, it does not appear to run a DHCP Server service by default. Therefore, the DHCP Server service needs to be configured on the Vyatta router. Three command lines will do the trick.
set service dhcp-server shared-network-name ETH1_POOL subnet start stop 
<<Name the Range, set the subnet, then put the starting address and ending adddress for the leases
set service dhcp-server shared-network-name ETH1_POOL subnet default-router <<set the default router
set service dhcp-server shared-network-name ETH1_POOL subnet dns-server <<set the default DNS server

Using Vyatta Router device in HyperV (Part 4)

The final part of this series is to configure the router to enable port forwarding to the internal server. In the Vyatta documentation, this is called Destination NAT (One-to-One).
For a SBS 2003 or SBS 2008 installation, the following ports need to be forwarded to the server – 25 (SMTP), 443 (HTTPS), 4125 (RWW on SBS2003), 987 (RWW on SBS2008). Additionally, once could forward port 3389 (Remote Desktop) if direct terminal access is required.
The command sequence to set up port forwarding for a port (ie. SMTP) is as follows:
set service nat rule 10 description NAT_SMTP  << give it a number and a name
set service nat rule 10 inbound-interface eth0  <<the external NIC
set service nat rule 10 destination port smtp  <<can also use the port number – 25
set service nat rule 10 inside-address address  <<the IP of your internal server
set service nat rule 10 protocol tcp  <<the vyatta manual incorrectly states “protocols”
set service nat rule 10 type destination
Repeat the above, changing the rule number, name, and port number/name.
That’s it. Once the router is set up, it will bridge the private network in HyperV to the external LAN, which will enable testing of the SBS environment apart from the live production network.

Using Vyatta Router device in HyperV (Part 3)

Now that the Vyatta router is in place, we need to configure it to become as firewall and to handle traffic properly.
Once you have logged in to the router, it is a matter of using a series of command. These command are set off by the initial command – configure.
When the series of commands are completed, a commit command must be executed to commit the changes and exit will drop back to the command line.
To set up the NICs on the router, use the following commands. I am assuming that my LAN has an IP range of and the Virtual Private LAN is set to
set interfaces ethernet eth0 address  <<External IP 
set interfaces ethernet eth1 address 
<<Internal IP 
You should also set up a DNS entry and gateway so that the router can forward all requests out via your LAN gateway.
set system name-server
set system gateway-address
To configure the NAT functionality,
set service nat rule 1 source address  <<the internal LAN
set service nat rule 1 outbound-interface eth0  <<going out via the external NIC
set service nat rule 1 type masquerade
To configure the firewall to block all incoming traffic. Note: Since this is a test LAN and you have an external router, there isn’t a need to set this up, as it adds complexity to the set up of port forwarding in the next section.
set firewall name ALLOW_ESTABLISHED
set firewall name ALLOW_ESTABLISHED rule 10
set firewall name ALLOW_ESTABLISHED rule 10 action accept
set firewall name ALLOW_ESTABLISHED rule 10 state established enable
set interfaces ethernet eth0 firewall in name ALLOW_ESTABLISHED
set interfaces ethernet eth0 firewall local name ALLOW_ESTABLISHED
Next step – Setting up port forwarding for SBS 2003 and 2008.

Using Vyatta Router device in HyperV (Part 2)

To Install the Vyatta Router, do the following:
Create a new Virtual Device with the following settings.

The hard drive needs only to be a 1GB drive.

You will need two Legacy Network Adapters. Remove the default created Network Adaptor, as Vyatta will not recognize it, and install two Legacy Adaptors. One should be connected to the external network, and the other willbe connected to the Private Virtual Network.

Insert the Vyatta ISO into the CDROM and start the Virtual Machine.

At the login prompt, type the login user and password. Both are vyatta.

Type Install-system to begin the installation.

Answer most of the next few questions with the default answer.

You have to answer Yes to the confirm format of the drive.

Press Enter to copy the default configuration file to the system.

Type in a new administrator password of your choice.

Eject the ISO and it is all ready to go.

The next part will take you through a basic and quick set up to configure the system as a router and basic firewall.

Using Vyatta Router device in HyperV (Part 1)

I run Windows 2008 Server HyperV so that I can deploy my primary SBS 2008 Server, and also to host various test servers. In testing another SBS server, you can set up a Virtual Private Network. However, one of the challenges is to expose this server to the live network to simulate a real world environment using a router.
Vyatta ( produces an Open Source network appliance which can be configured as a router to bridge the Virtual Private Network to the Live Network, thus creating a real life scenario for the test environment.
The main download for the product is Vyatta Core 6.0 LiveCD which can be downloaded here as an ISO –
All the documentation for the product can be found here –
I will blog shortly about how to set up the Router in a hyperV.