Note: This article was originally published in 2013. Some steps, commands, or software versions may have changed. Check the current Hyper-V 2012 documentation for the latest information.
In this step-by-step guide, you’ll learn remotely manage a hyper-v server / enable firewall exceptions.
How to: Remotely manage a (http://microsoft.com/hyper-v “Hyper-V”) Server / Enable Firewall exceptions
Unfortunately one of the things you will find out when you install a Hyper-V Server 2012 is that it is completely locked down. You are provided with a very neat utility that allows you to easily perform common tasks like enabling remote management, configuring your network, etc. but it has a few shortcomings. One of them is that you cannot configure your (http://en.wikipedia.org/wiki/Network_switch “Network switch”) or the (http://en.wikipedia.org/wiki/Virtual_LAN “Virtual LAN”) for management through it (you can of course use (http://www.microsoft.com/powershell “Windows PowerShell”)). The other one which this guide is focused on is how to enable all the firewall exceptions you need to effectively manage remotely the server. If I am not mistaken when you select the option to enable remote management on Hyper-V server 2008 it generates the required exceptions on the machine… but for some reason Hyper-V 2012 does not. Below are a few Powershell commands you can run to enable the most common management exceptions for your Hyper-V server host:
Enable-NetFirewallRule -DisplayGroup “Windows Remote Management”
which in turn enables the following:
- Remote Service Management
- Remote Volume Management
- Remote Event Log Management
- Remote Scheduled Tasks Management
- Remote Volume Management
- Windows Firewall Remote Management
- Windows Remote Management
which can be enabled manually or individually like so:
netsh advfirewall firewall set rule group=”(http://en.wikipedia.org/wiki/Remote_administration “Remote administration”)” new enable=yes netsh advfirewall firewall set rule group=”File and Printer Sharing” new enable=yes netsh advfirewall firewall set rule group=”Remote (http://en.wikipedia.org/wiki/Service_management “Service management”)” new enable=yes netsh advfirewall firewall set rule group=”Performance Logs and Alerts” new enable=yes (http://en.wikipedia.org/wiki/Netsh “Netsh”) advfirewall firewall set rule group=”Remote Event (http://en.wikipedia.org/wiki/Log_management_and_intelligence “Log management and intelligence”)” new enable=yes Netsh advfirewall firewall set rule group=”Remote (http://en.wikipedia.org/wiki/Windows_Task_Scheduler “Windows Task Scheduler”) Management” new enable=yes netsh advfirewall firewall set rule group=”Remote Volume Management” new enable=yes netsh advfirewall firewall set rule group=”(http://en.wikipedia.org/wiki/Remote_Desktop_Services “Remote Desktop Services”)” new enable=yes netsh advfirewall firewall set rule group=”(http://en.wikipedia.org/wiki/Windows_Firewall “Windows Firewall”) Remote Management” new enable =yes netsh advfirewall firewall set rule group=”windows management instrumentation (wmi)” new enable =yes net start vds
And if you are trying to run a replica server using (http://en.wikipedia.org/wiki/HTTP_Secure “HTTP Secure”):
netsh advfirewall firewall add rule name=”Https Replica in” dir=in protocol=TCP localport=443 action=allow
- (http://en.wikipedia.org/wiki/Logical_Disk_Manager “Logical Disk Manager”). You must first start the Virtual Disk Service (VDS) on the Hyper-V server. You must also configure the Disk Management rules appropriately on the computer that is running the MMC snap-in.
- IP Security Monitor. You must first enable remote management of this snap-in. To do this, at a command prompt, type: Cscript windowssystem32scregedit.wsf /im 1
- Reliability and Performance. The snap-in does not require any further configuration, but when you use it to monitor a Hyper-V server, you can only monitor performance data. Reliability data is not available.
(http://img.zemanta.com/zemified_h.png?x-id=1117efa1-debe-4b5b-9aee-9df541af16d4)](http://www.zemanta.com/?px “Enhanced by Zemanta”)
Summary
You’ve successfully learned remotely manage a hyper-v server / enable firewall exceptions. If you run into any issues, double-check the prerequisites and ensure your Hyper-V 2012 environment is properly configured.