Local Area Network (LAN) in Hyper-V

Complete guide for creating and managing a Local Area Network (LAN) in Hyper-V with Windows Server 2012 R2 through 2022.

Overview

This guide shows you how to set up an isolated or connected LAN environment in Hyper-V for testing, development, or production scenarios.

Prerequisites

• Hyper-V enabled on Windows 10/11 Pro or Windows Server
• At least 8 GB RAM (16 GB recommended)
• Windows Server ISO (2012 R2, 2016, 2019, or 2022)
• Administrative access

Network Topology Options

Option 1: Isolated LAN (Internal Network)

• VMs can communicate with each other only
• No internet access
• Good for: Testing, secure environments

Option 2: Connected LAN (External Network)

• VMs can communicate with each other AND the internet
• Uses host's network adapter
• Good for: Development, production

Option 3: Hybrid (Internal + NAT)

• VMs communicate internally
• NAT provides internet access through host
• Good for: Lab environments

Step 1: Create Virtual Switches

Create Internal Virtual Switch

Open Hyper-V Manager and go to Virtual Switch Manager:

For Isolated LAN:

1. Click New virtual network switch
2. Select Internal
3. Click Create Virtual Switch
4. Name it: vSwitch-LAN
5. Click OK

For Connected LAN:

1. Select External
2. Choose your physical network adapter
3. Name it: vSwitch-External
4. ✓ Allow management operating system to share this network adapter
5. Click OK

Create Management Switch (Optional)

For host-to-VM communication:

1. Create another Internal switch
2. Name it: vSwitch-Management

Step 2: Create Virtual Machines

Create Windows Server VM

1. Right-click New → Virtual Machine
2. Name: DC01 (Domain Controller)
3. Generation: Generation 2
4. Memory: 2048 MB minimum (4096 MB recommended)
5. Network: Select vSwitch-LAN
6. Virtual Hard Disk: 60 GB
7. Install from ISO: Select Windows Server ISO
8. Finish and start VM

Install Windows Server

Boot the VM and install Windows Server:

1. Choose Windows Server 2019 Standard (Desktop Experience)
2. Custom installation
3. Complete setup with Administrator password

Step 3: Configure IP Addressing

Static IP for Domain Controller

On the DC01 VM, open PowerShell as Administrator:

# Set static IP
New-NetIPAddress -InterfaceAlias "Ethernet" -IPAddress 192.168.100.1 -PrefixLength 24

# Set DNS to itself (after DNS role installed)
Set-DnsClientServerAddress -InterfaceAlias "Ethernet" -ServerAddresses 192.168.100.1

IP Plan Example

Recommended IP addressing scheme:

Network: 192.168.100.0/24

192.168.100.1      - Domain Controller (DC01)
192.168.100.2      - Secondary DC or File Server
192.168.100.10-50  - Servers (DHCP reservation range)
192.168.100.100-200 - DHCP pool for clients
192.168.100.254    - Gateway (if using NAT/router)

Step 4: Install Active Directory Domain Services (ADDS)

Install AD DS Role

On DC01:

# Install AD DS role
Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools

# Promote to Domain Controller
Install-ADDSForest `
  -DomainName "lab.local" `
  -DomainNetbiosName "LAB" `
  -InstallDns `
  -SafeModeAdministratorPassword (ConvertTo-SecureString "P@ssw0rd123!" -AsPlainText -Force) `
  -Force

Server will reboot automatically.

Step 5: Configure DNS

DNS is automatically installed with ADDS. Verify:

# Check DNS service
Get-Service DNS

# View DNS zones
Get-DnsServerZone

Create Reverse Lookup Zone

Add-DnsServerPrimaryZone -NetworkID "192.168.100.0/24" -ReplicationScope "Forest"

Step 6: Configure DHCP (Optional)

Install DHCP Role

# Install DHCP
Install-WindowsFeature -Name DHCP -IncludeManagementTools

# Authorize DHCP in AD
Add-DhcpServerInDC -DnsName "DC01.lab.local"

Create DHCP Scope

# Create DHCP scope
Add-DhcpServerv4Scope `
  -Name "LAN Clients" `
  -StartRange 192.168.100.100 `
  -EndRange 192.168.100.200 `
  -SubnetMask 255.255.255.0 `
  -State Active

# Set DHCP options
Set-DhcpServerv4OptionValue `
  -ScopeId 192.168.100.0 `
  -DnsServer 192.168.100.1 `
  -Router 192.168.100.254

Step 7: Add Client VMs to the LAN

Create Client VM

1. Create new VM: Client01
2. Connect to vSwitch-LAN
3. Install Windows 10/11
4. Network should auto-configure via DHCP

Join Domain

On client VM:

# Set DNS to DC
Set-DnsClientServerAddress -InterfaceAlias "Ethernet" -ServerAddresses 192.168.100.1

# Join domain
Add-Computer -DomainName "lab.local" -Credential (Get-Credential) -Restart

Step 8: Enable Internet Access (NAT Option)

Configure NAT on Host

On your host computer (not VM), run PowerShell as Administrator:

# Create NAT network
New-NetNat -Name "HyperV-NAT" -InternalIPInterfaceAddressPrefix 192.168.100.0/24

Configure Gateway on VMs

Update DHCP or static IP to use gateway:

# On DC or DHCP server
Set-DhcpServerv4OptionValue -ScopeId 192.168.100.0 -Router 192.168.100.1

Step 9: Configure Firewall Rules

Allow Ping (ICMP)

On all VMs:

# Enable ping
Enable-NetFirewallRule -DisplayName "File and Printer Sharing (Echo Request - ICMPv4-In)"

Allow RDP

# Enable RDP
Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server' -Name "fDenyTSConnections" -Value 0
Enable-NetFirewallRule -DisplayGroup "Remote Desktop"

Step 10: Testing and Verification

Test Network Connectivity

From any VM:

# Test DNS
nslookup lab.local

# Test connectivity
ping DC01.lab.local
ping 192.168.100.1

# Test internet (if NAT configured)
ping 8.8.8.8

Verify DHCP Leases

On DC:

Get-DhcpServerv4Lease -ScopeId 192.168.100.0

Verify AD Domain

# List domain computers
Get-ADComputer -Filter *

# List domain users
Get-ADUser -Filter *

Advanced Configuration

Create Additional VLANs

For network segmentation:

1. Create additional virtual switches
2. Configure VLANs in Hyper-V
3. Use Windows Server routing between VLANs

Configure File Shares

On DC or file server:

# Create shared folder
New-Item -Path "C:\Shares\Public" -ItemType Directory
New-SmbShare -Name "Public" -Path "C:\Shares\Public" -FullAccess "Everyone"

Backup and Snapshots

# Create VM checkpoint
Checkpoint-VM -Name "DC01" -SnapshotName "After AD Configuration"

Troubleshooting

VMs Can't Communicate

1. Check virtual switch assignment
2. Verify IP addresses: ipconfig /all
3. Check firewall rules
4. Ping gateway and other VMs

No Internet Access

1. Verify NAT is configured on host
2. Check gateway setting in DHCP/static IP
3. Verify DNS settings point to DC
4. Test: ping 8.8.8.8

Domain Join Fails

1. Verify DNS points to DC: ipconfig /all
2. Test DNS: nslookup lab.local
3. Ping DC by name: ping DC01.lab.local
4. Check time synchronization: w32tm /query /status

Network Diagram

┌──────────────────────────────────────────────┐
│          Host Computer (Physical)            │
│  ┌────────────────────────────────────────┐  │
│  │      Hyper-V Virtual Switch (LAN)      │  │
│  └──────────┬──────────┬─────────┬────────┘  │
│             │          │         │           │
│       ┌─────▼───┐  ┌───▼───┐  ┌──▼─────┐     │
│       │  DC01   │  │ SRV01 │  │Client01│     │
│       │192.100.1│  │192.100│  │ DHCP   │     │
│       │AD DS+DNS│  │  .2   │  │        │     │
│       │  +DHCP  │  │       │  │        │     │
│       └─────────┘  └───────┘  └────────┘     │
└──────────────────────────────────────────────┘

Next Steps

• Set up File Server role
• Configure WSUS for updates
• Implement Group Policy
• Add Certificate Services (CA)
• Configure Backup solution

Additional Resources

• Microsoft Hyper-V Documentation
• Active Directory Best Practices
• See also: "Windows Server 2019 in Hyper-V" manual