Note: This tip requires PowerShell 3.0 or above.
Using the Add-VMNetworkAdapterAcl cmdlet we can create ACLs (firewall-like rule) that applies to the traffic through a virtual machine network adapter. We can use it to allow or block traffic to or from specific sources by using IP addresses (including a range of addresses) or MAC addresses.
ACL rules apply to Hyper-V switch ports and currently can only be set using PowerShell. They control whether a packet is allowed or denied on the way into or out of the VM. Multiple port ACLs can be configure for a Hyper-V switch port.
The following command will deny inbound and outbound traffic from VM1 to the remote IP address 192.168.0.1
Add-VMNetworkAdapterAcl –VMName VM1 -RemoteIPAddress 192.168.0.1 -Direction Both -Action Deny
To remove the rule:
Remove-VMNetworkAdapterAcl -VMName VM1 -RemoteIPAddress 192.168.0.1 -Action Deny -Direction Both