I have two VLANs on my network. VLAN 100 for users in the office, and VLAN 10 for visitors/guests. Neither VLAN has access to the other, and each has its own internet connection. However, I want to set up a hyper-v server to control the public workstations on the guest network (VLAN 10).
On the physical server, I have two NICs which are teamed using BACS4.
I want to allow VLAN 100 full access to the server. I do not want VLAN 10 to see the physical server at all–just the hyper-v VM.
Currently, the switch ports are configured for link aggriation and are in access mode for VLAN 100.
I've tried all sorts of combinations and procedures, but have not had any luck getting everything working properly.
Here's what I've tried, which seems to be the closest that I've gotten:
- Add two VLAN NICs to the team (VLAN 100 and VLAN 10)
- Change the switch port mode to trunk and add VLAN 100 and VLAN 10)
- In hyper-v, create a new external virtual adapter using the VLAN 10 virtual NIC.
Under these conditions, the physical server is available to the VLAN 10 network.
These is some sort of glitch in hyper-v where I can sometimes get the "enable virtual LAN identification for management operating system" option available. If I enable that and set the VLAN ID to 10, the hyperv adapter throws an error message and fails to be created.
What is the correct approach for setting this up?
Best Answer
The teaming software needed to create the two virtual adapters, with each one assigned to a VLAN.
When creating the hyper-v external virtual adapter, the "allow management operating system to share this network adapter" option needed to be checked for VLAN 100 and unchecked for VLAN 10.
The LAG on the switch needed to be in trunk mode with VLANs 100 and 10.