Networking with VMware, Win server 2012, and VPN.

Zeke_Z

Junior Member
Sep 7, 2015
4
0
0
Hello all! I am stuck and a bit lost on how I can make this work. It really isnt that complicated, I am just verbose. :oops:

I would like to setup a lab test network on my desktop computer so that I can deploy a Win Server 2012 VM and test out all the functionality. I know that I must have the server setup on a network that does not have an active existing DHCP enabled. To make matters a bit more interesting (read: confusing), the desktop PC in question is behind a router, which is plugged into another router, which is plugged into my ISP modem. My initial idea was to use cascading routers like most people say and just turn DHCP off on the one that is connected to the machine hosting the server. I know I must take care to make sure that the internal IP on that network is set to a DIFFERENT subnet than the one that is handling DHCP on the first router. It seems that these two routers I have cannot assign internal IPs outside of 192.168.1.1 through 192.168.1.255. Anytime I try to assign an IP to the second router other 192.168.1.X, it either claims it isnt a valid range or it says that it changed but then I can't get back into the config page. Also, this desktop PC is using PIA's VPN, and I often connect to many different gateway countries when online. Dont know if that matters at all, but PIA's VPN utility does install its own drivers for connectivity to prevent programs from going around it. This is my main desktop computer so I use it for everything. Some have suggested that this ISNT impossible but more difficult than having a secondary computer running on the test network instead of your main desktop. true?

So basically that's the run down.

ISP<---->Router 1(all other connections)<----->Router 2(only my desktop with VPN and VMware)<------>Desktop PC with VPN<----->VMWare<----->Win Server 2012.

Here is the config as it stands today:

My ISP has supplied me with a modem for connectivity (no wifi). The modem ethernet is plugged into the WAN port of my first router (ASUS RT-N65U). This router has two wifi networks on it for all mobile devices in the house and also has a hard wired ethernet for my wife's PC, my Living room TV, and my kitchen PC. It also has a wired ethernet which goes into the LAN (NOT wan) port of my second router (ASUS RT-N56U). From the second router, WIFI has been turned off as well and the only thing plugged into that one is my desktop PC that uses the VPN and has my VM of win server 2012.

In my first router has a LAN IP of 192.168.1.1. I have set the range to 192.168.1.3 through 192.168.1.200 because initially I wanted to use a DMZ address outside of that range, but I never did.

The second router has a LAN IP of 192.168.1.2. This isn't right because that is the same subnet as Router 1 with DHCP on it. Changing that IP to anything else (tried 10.0.0.1, and 172.16.0.0, and 192.168.X.X) makes it inaccessible through the browser configuration. I went back to the first router to use MAC filtering for assigned an IP, yet anything other than 192.168.1.X makes it respond with "invalid IP address". I read in a CNET review that this router, the second router of this story(ASUS RT-N56U) CANNOT change its IP from 192.168.1.X. Seriously?? Maybe its true and Im in denial, but what the hell? I have made sure that DHCP on this second router is OFF.

I see that VMware offers the ability to configure subnets by editing or adding a network adapter. Ive also seen people using Linux VMs (like CentOS) to create a virtual router. Is that what I should do? I think I am making this too complicated! So here I am...

To sum it up, I want my desktop computer(using PIA's VPN) to be isolated on a subet that has Win Server 2012(installed but net setup yet) in a VM. Server will NOT be up 24/7(will that change when it becomes a DHCP server?), but I will need the ability to allow it to access the internet for specific services. To achieve this I have tried to separate my main desktop from all other devices on the network by using two routers, but, again, seems like that won't work because these routers can't change from 192.168.1.X. Lastly, I use this PC for my daily use cases which revolve around VMware, Audio/Video editing, FTP, heavy internet usage, Office, and email.

Any help much appreciated, and I apologize for writing such a loooong entry.
 

sdifox

No Lifer
Sep 30, 2005
100,332
17,913
126
Are you running vmplayer hosting a server 2012 vm on a win 7 machine?
 

Zeke_Z

Junior Member
Sep 7, 2015
4
0
0
Jeez, can't believe I forgot that info! Sorry about that.

I am running VMware Workstation 11 on a Win 7 Ultimate OS.
 

Zeke_Z

Junior Member
Sep 7, 2015
4
0
0
sdifox,

Well from my understanding, the second router separate my Win 2012 Server from all my other devices on the home network. Having the server connected to the same subnet with my router that has DHCP active will cause unholy issues, so I have been told. So I thought that I would use this second router, with a subnet of say 192.168.5.1, to separate the server from the 192.168.1.1. Then, from what I have read, configure port forwarding or a DMZ to allow access to the 192.168.1.1 network and internet access. I used this guide here which helped until I realized he is using a newer model of the Asus router I have which seems to allow him to set a 192.168.X.X address as the LAN IP. Mine cant/wont do that, unless I am just confused how to access it again after it has changed. Someone told me that I need to run ipconfig /flushdns but it didnt work.

Now as far as you said to change the range, I changed it as you suggested so that Router 1 now hands out IPs between 200-240.

I don't know if I fully understand how this will all work, I appreciate your patience. Do I need two routers? Do I want the Server to be doing ALL DHCP if it will be offline unless I am testing it? Do you think setting the second router to access point mode will allow me to set a different subnet?

I appreciate the help sdifox!!
 

sdifox

No Lifer
Sep 30, 2005
100,332
17,913
126
First of all, what are you using the 2012 for? Why do you need it to be on a distinct subnet? And if it is on a distinct subnet, it cannot be your DHCP server for the rest of the clients.

No reason to use the 2012 as the DHCP server unless you are doing it because you want to.
 
Last edited:

mxnerd

Diamond Member
Jul 6, 2007
6,799
1,103
126
It doesn't make sense the router won't let you change its LAN IP.

Maybe you forgot to change you network card IP to be in the same network range?

Or forgot to change AP/router mode?

You can add multiple IP addresses in adapter's TCP/IP config.

Only after you successfully connected to new LAN IP, then you removed the old IP from the adapter.

======

You can put Server 2012 VM in VMware's default NAT network. Other machines then aren't unable to see the server.

But it creates a double NAT, which make it diffcult to access from the internet.

If you really don't want to let other PC to see the PC/server, all you need is turn off Printer and File Sharing,

disable ping and make sure Printer and File Sharing's corresponding firewall settings are disabled.

Put machines on different subnet makes it hard to share stuff, unless you want to learn routing.
 
Last edited:

Zeke_Z

Junior Member
Sep 7, 2015
4
0
0
Sorry for the delay in getting back to you, had to do some work on my circuit breaker today and had no computer access.

I am studying for Windows Server 2012 cert and also, yes mx, I am attempting to learn routing to take my CCNA. Immersion is the only way I can truly learn the concepts. So I guess I am just using it to learn right now and I want to get some experience in fully configuring a domain. I'm also experimenting with esxi and vsphere, I'd eventually like to run a cluster of VMs that all use the server. Sort of like a simulated company, that grows the more I learn, from one computer to, many computers, to multiple domains.


And if it is on a distinct subnet, it cannot be your DHCP server for the rest of the clients.

If you mean that by putting the server on a different subnet it will not be able to hand out address to the rest of the devices in the house, then that is what I want. I will be deploying machines on the same subnet as the server like the vsphere cluster and some other VMs I already have running.

I am trying to visualize how it all comes together, not quite there but I feel like I am almost there.

Maybe you forgot to change you network card IP to be in the same network range?

That could very well be. How can I check, or will running a DNS flush do it?

Or forgot to change AP/router mode?

Will changing the router from router mode to access point mode allow me to change the subnet? Maybe I should try that first.

You can add multiple IP addresses in adapter's TCP/IP config.
Only after you successfully connected to new LAN IP, then you removed the old IP from the adapter.

Can you give me an example of doing that?

I know these are simple things, I ask more so to clarify that I did everything right because at this point a simple check box or a number wrong could cascade into bigger problems.

Found a guide on using pfsense as a virtual router, but I dont know if that is overkill or not.

I really do want to get the feel for a full configuration of a Win 2012 server like I described above, maybe I am going about it the long way around. I am open to all ideas.

I hope that answers your questions!
 

sdifox

No Lifer
Sep 30, 2005
100,332
17,913
126
https://www.vmware.com/support/ws55/doc/ws_net_advanced_2hostonly_routing.html

you can use pfsense for this.
 
Last edited: