Re: Server 2008 NAT and VM adapters

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

Hello Tom,

I suggest that you better post this to:
http://social.technet.microsoft.com/forums/en-US/winserverhyperv/threads/

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


Ok, so I'm a bit of a newbie, but I've gotten pretty far in setting up
our church network. What we got: Windows Server 2008 Enterprise.
I've installed Server Core with Hyper-V as the host machine on the
physical box, and created 3 VM's. VM1 is the primary DC; VM2 is the
backup DC and file server; VM3 has RRAS and NAT on it (w/ print
services following later). The physical server has 2 NIC's: one
connected to the cable modem (Internet) and one connected to the
network switch (LAN).
VM3 has two virtual network adapters, each piggybacking on the
physical adapters. VM3 is acting as the gateway for clients (also
connected to the switch) to the Internet. This was for security
purposes, to isolate the Internet from the LAN. Now, my issue is two
parts:

1. Internet access is pretty slow, much slower than when the gateway
for the clients was the modem. Not quite dial-up slow, but pretty
close. Sometimes connections even time out. Not that internal access
is quite fast.

2. When I create VM's it seems I HAVE to use the legacy adapters. Here
is the weird thing: I originally installed the full version (not Core)
of Enterprise as the host machine to fool around (I later wiped it and
installed Core), and created VM's. I could have sworn that when I
created the VM's, I did not have to use the legacy adapter option when
creating the virtual adapters. Now that I'm using Core, is there
something else I need to do, to not have to use the legacy adapters?
I am wondering if the legacy adapters are making the Internet access
slow for clients?

Bonus question: is it absolutely necessary to isolate the switch from
the Internet to maximize security? Or should I just go ahead and plug
the switch into the modem and have the clients' gateways be the
modem? How would this affect VPN capabilities I'd like to have later?
Your help is much appreciated,
Tom


.

Relevant Pages

  • Re: NTFS permissions and inheritance
    ... but I don't seem to find anything on the internet. ... about the /I switch with xcacls.vbs, but that's not really what I need. ... >> the clients in my domain. ... >> security, but they're not sufficient. ...
    (microsoft.public.windows.server.scripting)
  • Re: iptables: port forwarding and hardware router
    ... > I have the following configuration: ... > With this settings, everything works fine, all clients can send and ... > data from the internet. ... SWITCH (Check to see if the uplink being used to send the data to eth0? ...
    (alt.os.linux.suse)
  • Re: Internet Sharing
    ... If you have a DSL connection with a router to the internet, i strongly recommend to connect all machines to a switch and the switch to the router. ... I Have a Lan With AD/DNS and static IP On Clients. ...
    (microsoft.public.windows.server.networking)
  • Re: iptables: port forwarding and hardware router
    ... > I have the following configuration: ... > With this settings, everything works fine, all clients can send and ... > data from the internet. ... SWITCH (Check to see if the uplink being used to send the data to eth0? ...
    (comp.os.linux.networking)
  • Re: ISA Server Problems, please help
    ... > clients are unaffected, is it secureNAT clients which are affected? ... then checked Send the original host header to the publishing server instead ... > provided unrestricted internet access. ...
    (microsoft.public.windows.server.sbs)