header image

How to install VyOS Router/Appliance on Hyper-V – Part 2: Configuration

Completing the series with the Part 2 of “How to install VyOS Router/Appliance on Hyper-V” with the configuration process.

On my last Post “How to install VyOS router on Hyper-V – Part 1: Setup and Install” I’ve covered:

– Introduction: My LAB environment
– Phase 1: Download VyOS and prepare a VM to run VyOS router
– Phase 2: Install VyOS on a VM

On this post I’ll cover:

– Phase 3: Configure VyOS Router
– Phase 4: Configure VyOS Network Services

Phase 3: Configure VyOS Router

1. Make sure you Ejected the VyOS iso image from the VyOS VM

2. Start the VM


3. Login to VyOS

VyOS login: vyos
VyOS password: password defined during the installation process

3. Confirm that you have valid NIC’s to be configure (eth0, eth1, eth2), list the NICs:

# show interfaces

4. Configure the router network interfaces, system gateway (ISP 3G router), system name server (ISP 3G router) and hostname.

# configure
# set interfaces ethernet eth0 address
# set interfaces ethernet eth1 address
# set interfaces ethernet eth2 address
# set system gateway-address
# set system name-server
# set system host-name vyos
# commit
# save

Note: Just to refresh your memory, when we created and configured the VyOS VM on Hyper-V we added the network interfaces in the following order: “Internal”, “External” and “Extranet – DMZ”. When you configure VyOS interfaces “eth0”, “eth1” and “eth2” the Ip Address and Netmask for those interfaces should respect the exact same order, for instance:

eth0 = (“Internal” Virtual Switch)
eth1 = (“External” Virtual Switch)
eth2 = (“Extranet – DMZ” Virtual Switch)

If you fail to accomplish the configuration with the same order you’ll have a mismatch between your interfaces (eth0, eth1, eth2) and their designated vSwitch (“internal”, “external” and “extranet – DMZ”), obviously this can cause network issues.

5. Enable VyOS Web administration interface (not available at the moment with VyOS 1.0.3):

# set service https
# commit
# save


6. Enable VyOS SSH administration:

# set service ssh
# commit
# save

Phase 4: Configure VyOS Network Services

4.1 Configure NAT

4.1.1 Enable NAT Masquerade for the “Internal” vSwitch VLAN ( through the eth1 interface connected to the “External” vSwitch

# set nat source rule 1
# set nat source rule 1 source address
# set nat source rule 1 outbound-interface eth1
# set nat source rule 1 translation address masquerade
# commit
# save
# exit

The VyOS interface eth1 on the “External” vSwitch is connected to my “3G ISP Wifi Router” as I am using Wireless Bridging on Hyper-V, while doing this NAT configuration I am providing Internet access to all the VM’s hosted on the subnet and masking their Addresses, even on a “Internal only” Hyper-V Switch configuration. ;)

4.2 Configure webproxy for the network 172.0.0.x/24 (extranet – dmz)

set service webproxy default-port 8080
set service webproxy listen-address
set service webproxy disable-access-log

4.3 Configure the name resolvers for VyOS

Edit the dns options file “resolv.conf” with the following:

# sudo nano /etc/resolv.conf

Add the following entries and press [CONTROL]+[X] to save and exit


With this dns resolvers configuration pointing to the localhost “” VyOS will return DNS queries from it’s own DNS zones if you are running a DNS Server on VyOS (e.g. “labdom.com” and “1.168.192.in-addr.arpa”), and while also pointing to 3G ISP Router IP address it will either resolve DNS queries on the Internet.

This completes the series of “How to install VyOS Router/Appliance on Hyper-V”.

R-Tape Loading error,
Luís Rato

~ by lrato on June 17, 2014.

Hyper-V, Linux, Security

Leave a Reply

%d bloggers like this: