I am trying to set up a Windows Server 2012 R2 machine, primarily DC and fileserver roles, in such a way that I would not need an extra router in our network, because I would like to have it inside Windows as a virtual machine in Hyper-V.
So far, we have been using some old scrapped physical computers with the pfSense BSD router distribution installed as our routers and, in addition, a physical Windows server machine. That is two PCs running. The problem is that the old computers (routers):
- consume too much power
- tend to break down often
I've now been playing around with the new setup, as described in the first paragraph, but it is quite complicated and I am not sure if I am doing it right. So my questions are:
- Whether this new setup is possible to run and operate in a production environment (for real)?
- Do I still really need to use legacy network adapters in the VM (because all the guides I've found so far say so)? Because I have tried to use the default ones ("Network Adapter", each connected to one Virtual Switch connected as external to one physical NIC), and it seems to work, because when I boot pfSense, they appear normally there as "hn0", "hn1" and "hn2" devices (cannot post a screenshot due to insufficient reputation).
- I will need 2 WANs, that is why I have 3 NICs (one is for LAN). I suppose it is correct to assign each physical NIC to one separate virtual switch in external mode (?), because if it were a physical router, that is how it would be.
- Will VLAN work in such a setup? Because we have a managed switch tagging packets on some ports which is later being used in pfSense router to make these packets route through the second WAN.
- Would it be better to run the Windows server virtually in Hyper-V, too? The primary role is DC and fileserver, and I am concerned about fileserver performance in the virtualized environment...
- How do I set it all up in such a way that the Windows server would be behind the virtualized pfSense router from the network point of view? I mean the Windows server itself should not be exposed directly to WAN; instead, it should be accessible through "LAN" only (and from WAN only using port forwarding in the router).
- For our LANs we are using 10.x.x.x subnets; I am using the latest pfSense (2.2.2).
Thank you very much for the help.
Thank you very much for the tip. Meanwhile, though, we have come up with a completely new network setup, so this question is not relevant any more in our context. But it still might be useful for others, though... Thanks! – crysman – 2015-09-26T09:04:28.283
I thought so, but figured it would still be useful for someone else. Cheers! – Teio – 2015-09-30T08:57:51.187