Is it possible to create a standalone Hyper-V VM instance that can still be accessed remotely?

1

I'm setting up four Hyper-V VMs using the same image for a school project. The image contains a Windows 10 install with some simulated illegal things so they can play forensic analyst and find them.

The problem is I want to give each student remote access to their own machine, but not to the other VMs and especially not to the rest of the network or the Internet.

Is it possible to set up the Hyper-V VMs so that they can use remote desktop to access their VM, but once they are logged in they are unable to access anything on the network via that guest VM?

Jane Panda

Posted 2016-08-03T04:43:29.447

Reputation: 1 089

Answers

1

You can probably connect directly to the console of the VMs if you're able to use the vmconnect.exe which requires adding the Hyper-V admin tools first. If you go this route you can keep the NICs on the VMs themselves unconfigured, absent or otherwise unable to reach the LAN or each other. (More info on that here: Directly accessing Hyper-V console via RDP)

Another option: Assuming these users have their own PCs or laptops that are on the LAN and you want to stick with RDP you could use very aggressive firewall settings to limit access from student A into machine A only. You could probably use IP or MAC filtering to allow access via 3389 and simply deny all other traffic to the machine via the virtual NIC. This would of course be best done via a physical firewall between the students and the Hyper-V host that the students do not have access to manage.

Mimp

Posted 2016-08-03T04:43:29.447

Reputation: 174

Asked: 2016-08-03T04:43:29.447

Viewed: 126 times

Active: 2016-08-04T23:19:59.187