I have a hyper-v server with 4 GigE nic's. I have assigned one of the nic's as an internal network (192.168.x.x) and that nic is working as expected.
We have a need for a server to have access to the public side of our firewall so I have plugged nic #2 into the switch outside our firewall. For security purposes, I do not want the Hyper-V Host to have an IP address on the outside, however, I would like the guests to be able to connect via statically assigned IP's (there is no DHCP server outside our firewall, so all IP's must be statically assigned).
However, when I setup the nic as "external" and plug the cable in, the host shows the wire is connected, but the guest cannot ping anything outside the network.
I'm assuming I need to have the host have a public IP, is that correct? If it is, is there anyway to avoid this?
The host should not need an IP address.
I am assuming you have created a new virtual switch, assigned the second NIC to it and then also a virtual nic in the guest.
You say you cannot ping outside the network? What can you ping ON the network, if you can ping the router or another physical host on th public network IP range, then hyperV networking is operating correctly..
Your issue (as I suspect if the above is true) is relating to the default gateway of the guest, the router which the guest should send all traffic to if it is not destined for the local network.
Have you set the default gateway in the guests network adapter properties to the router on the public network?
Also, does this guest have access to the internal network too? As it could be the case that you end up with two default gateways (one from the internal network virtual adaptor and one from the public virtual network adaptor).
If this is the case you will need to make a decision on which route your default traffic should take and remove one of the default routes.
If you still need certain traffic to exit via the 'other' adaptor, you can always ensure certain IP's/Network ranges are reached by a certain network by adding static routes as so:
Say we have the following: Guest with two virtual adaptors, one on the public network, one on the private; Public IP: 192.168.1.11 Public Subnet Mask 255.255.255.0 (/24) Public Gateway/Router 192.168.1.1
Internal IP: 192.168.2.11 Internal Subnet Mask 255.255.255.0 (/24) Internal Gateway/Router 192.168.22.1
If you have removed the default gateway IP from the internal network adaptor, all traffic bound for networks OTHER than locally connected networks (192.168.1.0/24 and 192.168.2.0/24) will go via the public gateway at 192.168.1.1 (as it's the only default gateway now configured on the guest)...
However, what if 192.168.100.0/24 was only available via the internal network's router? You can add the following rule to tell the guest to route this particular range of IP addresses via the internal network:
route add 192.168.100.0 mask 255.255.255.0 192.168.22.1
//TrX
I have found out what was the issue.
My server has 4 nics, and when I created the new Virtual Network, I had selected the wrong NIC in the list inside of Virtual Network Manager. As soon as I fixed this, I was able to connect and everything worked appropriately.
Thanks @trXuk for your response though!