3

#PSTip Controlling traffic of a VM network adapter in Hyper-V

Note: This tip requires PowerShell 3.0 or above.

Using the Add-VMNetworkAdapterAcl cmdlet we can create ACLs (firewall-like rule) that applies to the traffic through a virtual machine network adapter. We can use it to allow or block traffic to or from specific sources by using IP addresses (including a range of addresses) or MAC addresses.

ACL rules apply to Hyper-V switch ports and currently can only be set using PowerShell. They control whether a packet is allowed or denied on the way into or out of the VM. Multiple port ACLs can be configure for a Hyper-V switch port.

The following command will deny inbound and outbound traffic from VM1 to the remote IP address 192.168.0.1

Add-VMNetworkAdapterAcl –VMName VM1 -RemoteIPAddress 192.168.0.1 -Direction
Both -Action Deny

To remove the rule:

Remove-VMNetworkAdapterAcl -VMName VM1 -RemoteIPAddress 192.168.0.1 -Action Deny -Direction Both

Filed in: Columns, Tips and Tricks Tags: , ,

3 Responses to "#PSTip Controlling traffic of a VM network adapter in Hyper-V"

Leave a Reply

Submit Comment

© 2016 PowerShell Magazine. All rights reserved. XHTML / CSS Valid.
Proudly designed by Theme Junkie.
%d bloggers like this: