Announcement

Collapse
No announcement yet.

Creating a VMWare network with 2 servers and 2 clients

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Creating a VMWare network with 2 servers and 2 clients

    Hello everybody,

    I've googled quite a bit, and I see people here have offered some really good advices for us VMWare Workstation newbies. I believe mine is a really simple problem, but I can't figure out what I'm doing wrong here.

    My school assignment is to install and test Microsoft Forefront Threat Management Gateway 2010. The best scenario is to install it on a server with 2 NICs, so I've decided to create a separate machine for it.

    So, my TMG machine is PC1. It has 2 NICs - one uses a bridged connection with PC's physical network adapter, and the other one has a static IP address, 10.0.0.10/8. PC2 is the domain controller, DNS and DHCP server. It has only one NIC, and it is set to 10.0.0.1/8.

    The clients, and I should add at least two of them, should obtain their IP addresses using the DHCP services of PC2, but if this causes problems in this configuration, it's not mandatory.

    I've tried at least 50 combinations of various variables and I'm not sure what I'm doing wrong. I understand this much about networking and subnets, but for example, PC1 can ping PC2, and vice versa, but they can't ping themselves. Also, when the bridged NIC is active and the other one disabled, PC1 has Internet access (which it should always have), but as soon as I activate the other NIC, the connection to the Internet is lost. At one moment, I was able to add PC1 to my domain regularly (VM detected a domain controller), but I don't know what I did to lose this connectivity. Now PC1 and PC2 cannot communicate regularly. The DNS service works, because when I try to ping PC1.mydomain from PC2, it works, but when i type "ping PC2.mydomain" from PC2 itself, it doesn't respond!

    I would appreciate if somebody could give me the simplest solution here - which type of connection to use for which virtual PC (bridged, NAT, some custom VMNet), and which physical addresses to assign to the virtual adapters in Windows.

    Thanks in advance for any suggestions!

    *EDIT* the IP addresses inside virtual LAN can freely be changed, I only need two static IPs (whichever ones) for PC1 and PC2, all the other IPs can be totally random. I used these given here only as an example.
    *EDIT2* The picture says "PC1 NIC1 IP:10.0.0.1", of course this is the IP address of PC2 (domain controller). PC1 [FMG] NIC1 IP is 10.0.0.10
    Attached Files
    Last edited by n0cturnAL; 6th August 2011, 20:16. Reason: Added picture explanation

  • #2
    Re: Creating a VMWare network with 2 servers and 2 clients

    UPDATE: After posting this, I've managed to configure two servers to work for a while.
    First, I deleted all of the NICs.
    Then I added a VMNet2 adapter to each of the computers, and configured the static IP addresses as specified.
    Later I added the VMNet1 (Bridged) adapter to PC1 and voila - it was connected to the local network and Internet simultaneously.

    However, all of a sudden, after 30 minutes, I've lost Internet access (?!) I changed absolutely nothing since everything worked. Upon reboot of both of the machines, I've also lost access to LAN, so the problem remains

    Comment


    • #3
      Re: Creating a VMWare network with 2 servers and 2 clients

      Can you post the IPconfig of an internal system and the TMG box?
      Marcel
      Technical Consultant
      Netherlands
      http://www.phetios.com
      http://blog.nessus.nl

      MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
      "No matter how secure, there is always the human factor."

      "Enjoy life today, tomorrow may never come."
      "If you're going through hell, keep going. ~Winston Churchill"

      Comment


      • #4
        Re: Creating a VMWare network with 2 servers and 2 clients

        Hi there, thanks for your reply!

        While I'm not entirely sure what a "box" is, I'm providing all the available IP configurations.

        And here's the thing: this morning, after a fresh boot, everything worked OK for a couple of minutes, and then stopped again! I am using VMWare Workstation 7.1.4 build-385536, perhaps there is some kind of a bug I'm unaware of?

        With configurations provided, everything seemed to be working OK, the Forefront Threat Management Gateways acted as a web proxy at 10.0.0.10:8080. Is there something I'm missing in the configuration of the VMNet adapters or VMWare itself that is causing this kind of weird behaviour?

        Attached are cmd outputs of ipconfig /all on both computers, the configuration of VMNet2 adapter on my host PC (adapter used to connect the two servers in virtual LAN) and the Network and Sharing Center screenshot of both computers (taken at the moment everything was working OK). Notice that the DC does not correctly identify its own domain (nikolajovic.rs), but rather sees it as an "unidentified network", although all the services work perfectly.
        Attached Files

        Comment


        • #5
          Re: Creating a VMWare network with 2 servers and 2 clients

          First, remove the external DNS server settings on your TMG system.
          Secondly, add on the DC an DNS forwarder towards 192.168.1.1

          Then try again.
          Marcel
          Technical Consultant
          Netherlands
          http://www.phetios.com
          http://blog.nessus.nl

          MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
          "No matter how secure, there is always the human factor."

          "Enjoy life today, tomorrow may never come."
          "If you're going through hell, keep going. ~Winston Churchill"

          Comment


          • #6
            Re: Creating a VMWare network with 2 servers and 2 clients

            Originally posted by n0cturnAL View Post
            Hi there, thanks for your reply!

            While I'm not entirely sure what a "box" is, I'm providing all the available IP configurations.
            "Box" simply means the computer. (think computer box)

            Hobie

            Comment


            • #7
              Re: Creating a VMWare network with 2 servers and 2 clients

              Thanks for both replies

              I will try your solution, Dumber, though I think the problem has nothing to do with the configuration of VMs, because every HTTP request made from 10.0.0.1 was properly logged in the Forefront TMG console. Do I need to distribute the address 192.168.1.1 to all the DHCP clients as DNS, or are they automatically forwarded from the TMG machine to the router (which forwards them to the ISP DNS resolvers)? Because it looks to me like this is the case..

              Though we've moved away from VMWare a bit, I could use a few advices on Windows networking, if you think anything else is wrong here, because I haven't done anything quite like this before.

              Just to remind you again, the problem is that this configuration works for some time, then it doesn't, then it all works again - which is really confusing.

              Hobie, thanks for your explanation as well.

              Cheers!
              Last edited by n0cturnAL; 8th August 2011, 13:52.

              Comment


              • #8
                Re: Creating a VMWare network with 2 servers and 2 clients

                Baiscally it's quite simple...

                10.x.x.x network communicates with TMG, and TMG communicates with the outside network.
                DNS resolving should be done by the internal DNS server, located somewhere on the internal network (10.x.x.x)
                This system should forward the DNS requests to and external DNS server, in this case your external router assuming that it is 192.168.1.x network.

                It has certainly nothing to do with VMware, since this setup is how I test ISA and/or TMG all the time in my lab environment.
                Marcel
                Technical Consultant
                Netherlands
                http://www.phetios.com
                http://blog.nessus.nl

                MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
                "No matter how secure, there is always the human factor."

                "Enjoy life today, tomorrow may never come."
                "If you're going through hell, keep going. ~Winston Churchill"

                Comment


                • #9
                  Re: Creating a VMWare network with 2 servers and 2 clients

                  Seems to be working OK now, with all the modifications suggested
                  The main problem was, the communication would go down from time to time for no apparent reason, but it doesn't happen anymore, so I guess this one is solved.
                  Thanks a lot for all your help!

                  Comment

                  Working...
                  X