Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

how to create second network ??

1 view
Skip to first unread message

steve

unread,
Dec 23, 2009, 4:01:25 PM12/23/09
to
Im not sure how much of this I will achieve with Christmas holidays
and all but anyway.

I want to set up a second network on our network for testing purposes
with VPC's. While i have done many things on one network, eg set them
up etc. My knowledge of the interactions of two networks is lacking.
So what I want may seem odd, excuse my naivety.

My goal is to set up a test (Phantom) network on one (perhaps two)
computer(s) as a copy of our 10.1.0.x network. (real network) We
basically want to create a couple of Virtual Pc's, say our print
server, exchange server, file server, and a workstation maybe to do
some testing. Of course we want to keep the network completely
separate from our real network as it will cause conflicts with the
same names of machines and stuff.

The other IT person said that we should be able to do this so long as
we change the IP addresses of the various computers from 10.1.0.x to
ip's 192.168.1.x. etc.

There are many bits of the puzzle that I don't understand but at the
moment the question is, that if I set up the host computer (server
2003) with two ip addresses 10.1.0.48 and also 192.168.1.2, then set
up a VPC (server 2003) on that host with the ip of 192.168.1.50 and
then set up a share on the host computer /temp, I can see it from the
VPC . Great, it shows conectivity to the other computer. The problem
is that I cannot from the VPC connect to the internet. I want to do
this so that I can update software on the VPC. I try putting in the
host IP 192.168.1.2 as gateway, I try putting in the real gateway as
the gateway eg 10.1.0.27 but still cant connect to the internet from
the VPC, despite the fact that the host can and I can see the shared
files from the VPC on the host. Oviously Im missing some thing I think
elementary.

I suppose Im not quite sure how to make the host a gateway, which is
maybe what I have to do.

Thanks.
(dns I just make some outside number)

So the question is how can I set up the VPC so that it is separate
from the real network but still going through the 10.1.0.x network to
surf the web.

Thanks and Happy Christmas.

Bo Berglund

unread,
Dec 23, 2009, 4:31:01 PM12/23/09
to

You don't need an extra NIC on your host even though it will offload
the traffic. One NIC is completely sufficient.

But you need to have at least one virtual machine that is dual-homed
(has two virtual NIC:s). This will act as the router from the internal
isolated network to the outside world.

The configuration could then be like this:
1) Router
This has two NIC:s:
#1 is Local Only and is used to communicate with the other virtual
machines
#2 is connected to the host's physical NIC and will get its address
from the real network DHCP server.

2) All other virtual machines
These are using Local Only as the network type. With this they can
communicate amongst themselves but cannot reach outside this
environment. Except of course via the router out to the Internet.

You have to activate the RRAS role on the router and set it up to
route local traffic to the internet via the "outside" NIC.
You may as well also install a DHCP server on this router so it will
hand out the IP addresses to the other virtual machines.
The router must have a fixed address on its internal (Local Only) NIC.

If you don't want to set up a DHCP server role on the router then you
can use fixed addresses also for the other virtual machines. You can
use any network you like for this (10.0.0.x or 192.168.1.x or
whatever) because it will not reach outside the confines.
However you must avoid using the same network as the outside LAN
because the router will be on both...

HTH
--

Bo Berglund (Sweden)

steve

unread,
Dec 27, 2009, 8:10:46 AM12/27/09
to
Thanks I think I understand. If we already have a network that is
192.168.1.1 (just a few machines) if I used 192.168.10.1 would that be
separate enough.

As it it is Christmas I will probably not get to this for several
days, but Im sure I will be back with questions.
Thanks.

Bo Berglund

unread,
Dec 27, 2009, 10:50:05 AM12/27/09
to

All virtual computers set to "Local only" will be completely isolated
from your normal network, also if they use the 192.168.1.x network.
Tbey have no way to reach the "wires" of that network so to say.

But if your host machine is on the 192.168.1.x network AND you want
connectivity from your host into the virtual machine network, then you
should use a completely different network for the virtual machines.
Completely different here means that at least one of the octets
corresponding to the netmask number 255 should be different.
So 191.168.1.x, 192.169.1.x, 192.168.2.x etce are all usable if you
have a netmask of 255.255.255.0 because at least one number is
different.

Then you can add a loopback adapter to your *host* and give it an IP
on that same network and you'll be fine.

But look out for firewalls! Even though you have arranged proper
addresses on the same network it might not work to ping because the XP
SP2 and up firewall blocks ping (ICMP) by default....
And you might not be able to ping by host name either because of a
lack of a DNS server. Use IP address in such a case.
--

Bo Berglund (Sweden)

steve

unread,
Dec 29, 2009, 11:46:41 AM12/29/09
to
thanks I will press on.

steve

unread,
Dec 29, 2009, 2:05:25 PM12/29/09
to
Ok I have done all the set up and seems to have a nice little separate
network that I can surf the we web from. thanks

However, its so separate that I cant get files from the old network. I
want to pick up some files from the old network eg backup files so
that I can test some restores.

Other than physical devices how can I copy files from one network over
to the other. Backup files are 20 Gigs or more. Emailing is out of the
question. ???

I have set up two nics on the VM one is the outside network and the
other is the inside local.

Regards

steve

unread,
Dec 29, 2009, 2:31:57 PM12/29/09
to
Ok figured it out. Share a folder then
type
\\10.1.0.27\temp

steve

unread,
Dec 30, 2009, 4:32:36 PM12/30/09
to
Ok Im back.

I have restored a print server to the phantom network.
The host is on our 10.1.0.x network.
The VM is has two Virtual nics. On is the outsite using dhcp to pick
up info on the 10.1.0.x network and is listed as linking with the nic
on the host computer. The other nic i have configured as local. and
using ips of 192.168.10.1.

However when I restored the print server prnsrv it says there was a
duplicate name on the network. Well thats good and bad. It tells me
that the restore was perfect down to the name of the computer. But I
thought that I had set this up so that the network was separate. (this
machine is also a domain controller) secondary.

I have been looking at the Routing and Remote Access window as
suggested but I have no idea how to configure this. My Microsoft
course never even mentioned it. At first I tried it and it and it said
that the icf was enabled and had to be disabled. Well I looked High
and low and the ICF was not enabled it clearly said it was disabled
but I still could not run the "Configure and Enable routing and remote
access" wizard.

Soo after doing some reading it appears others were having the same
problem and most didnt know how to solve it. Finally I found this
script which seems to fix the problem.

Set WMI = GetObject("WinMgmts:\root\Microsoft\HomeNet")
Set Objs = WMI.InstancesOf("HNet_ConnectionProperties")
For Each Obj In Objs
Obj.IsFirewalled = False
Obj.Put_
Next

Well that worked when run as a .vbs

Now the wizard is open but Im not sure what to do to only let


to activate the RRAS role on the router and set it up to
route local traffic to the internet via the "outside" NIC.

Can anyone provide any help on this.

Regards

0 new messages