#PSTip How to prevent a VM from becoming a Router

Note: This tip requires PowerShell 3.0 or above.

Similarly to the Hyper-V security feature discussed here, Hyper-V can also protect the environment from VMs pretending to act as Routers.

Router Guard allows you to specify whether the router advertisement and redirection messages from unauthorized VMs should be dropped. A malicious VM can send router advertisement messages or respond to another VM’s router solicitation messages to claim itself as the router.

Set the RouterGuard parameter to_ “On” to drop router messages sent from a VM. Set it to “Off” _to allow the messages.

Set-VMNetworkAdapter -VMName VM1 -Name Public -RouterGuard On
Share on: