How to set up home IT lab on virtual machines?

Started by lillianmays, Mar 21, 2023, 06:34 AM

Previous topic - Next topic

lillianmaysTopic starter

I would like to establish a home stand for system administration training, using virtual machines. To achieve this, I need to deploy one virtual machine (Windows Server) on a physical machine with Active Directory and routing roles, as well as two virtual machines running Windows Professional. These three virtual machines should be in separate subnets, and the internet connection for the workstations should be routed through the virtual server.

 I am looking for guidance and solutions on how to accomplish this, preferably not limited to Virtual Box. Additionally, I would like to explore setting up a firewall on the virtual server for penetration testing purposes, which would require two virtual network adapters on the server. Any suggestions or links to relevant resources would be greatly appreciated!


It is crucial to have Windows installed on the main machine.

To achieve this, perform the following steps:

- Enable the Hyper-V role
- Activate the "Data Deduplication" feature
- Allocate a separate disk for virtual machines (Disk V)
- Enable data deduplication for this disk in its properties
- Open the Hyper-V management snap-in
- Configure the default paths for virtual machines and virtual disks to point to Disk V
- Create two virtual Hyper-V switches and consistently use them in NAT mode
- Bind the first switch as needed to see magic happen

By following these steps, you can ensure that everything works efficiently without consuming unnecessary space due to duplicate files.


If there is a computer available for this purpose, which can be managed from another computer, I recommend installing VMware. It provides all the necessary features, including virtual switches, virtual networks, and the ability to attach a virtual router. You can install both Windows and non-Windows operating systems on it. However, it's worth noting that Hyper-V is limited to Windows platforms.

With VMware, you'll need a dedicated computer as it occupies the entire host. Fortunately, you can use it for free and even access it through a web interface. While finding comprehensive instructions might be challenging, I suggest starting the installation process and asking specific questions along the way. This way, you can learn and troubleshoot effectively.


For many years, my go-to solution has been installing VMware Workstation on my Windows machine and creating the necessary virtual machines within it. While I have experience with various hypervisors, including Xen, I find VMware to be the most flexible option. It supports a wide range of operating systems and consistently receives updates that introduce new virtual features.

However, it is worth noting that VMware is a paid product, with the professional line being quite expensive. Additionally, in my approach, it is necessary for laptops or system technicians to have at least 16 GB of RAM and SSD disks for optimal performance. This is because resources are divided between the host Windows system and the virtual machines.

If you plan to engage in serious sysadmin work with a large infrastructure, it is essential to have a powerful computer for conducting such labs. As you start exploring different areas like Active Directory, routing, and various Linux installations with databases, your requirements and resource needs will likely increase. Having the appropriate hardware will ensure a smooth workflow and better overall experience.


To accomplish your goal of setting up a home lab for system administration training, using virtual machines, there are several solutions you can consider. One popular option is to use VMware Workstation, which supports creating a virtual environment with different subnets and network configurations.

Here's a step-by-step guide to help you achieve your desired setup:

1. Install VMware Workstation on your physical machine. You can download it from the official website and follow the installation instructions.

2. Once installed, open VMware Workstation and create a new virtual machine for Windows Server. Choose the appropriate ISO file or installation media for Windows Server and proceed with the installation. During the setup, ensure you configure the network settings to have a static IP address within the desired subnet.

3. After setting up the Windows Server virtual machine, create two additional virtual machines for Windows Professional in a similar manner, ensuring they are allocated separate subnets from the server.

4. To establish separate subnets, you can configure VMware Workstation's network settings. Go to "Edit" > "Virtual Network Editor" and create custom virtual networks for each subnet. Assign the Windows Server virtual machine to one network, and the Windows Professional virtual machines to the other network.

5. Next, configure the networking settings within the virtual machines themselves. Set the IP addresses, subnet masks, and default gateways according to the assigned subnets.

6. To route the internet connection through the virtual server, you need to set up network address translation (NAT) on the Windows Server machine. This can be achieved by enabling the Routing and Remote Access (RRAS) role within Windows Server and configuring NAT settings.

7. Once you have the basic setup working, you can explore setting up a firewall on the virtual server. Windows Server includes Windows Firewall, which can be configured for your penetration testing purposes. You will need to add two virtual network adapters to the server, one for each network. Then, configure the Windows Firewall to allow or block traffic as desired.

By following these steps, you should be able to create a virtualized network environment with separate subnets, internet routing through the virtual server, and a firewall for penetration testing purposes.

Note: Keep in mind that setting up a firewall and performing penetration testing requires a good understanding of networking concepts, security best practices, and legal considerations. Ensure you adhere to any relevant laws and regulations, and exercise caution when conducting penetration tests.

Here are some additional details and considerations for your setup:

1. Network configuration: When setting up the custom virtual networks in VMware Workstation, you can choose to use either bridged networking or host-only networking. Bridged networking allows your virtual machines to have direct access to your physical network, while host-only networking creates a private network only accessible within the host machine. You can choose the appropriate networking mode based on your training requirements and security considerations.

2. DNS and Active Directory: For a complete Windows Server environment with Active Directory, you'll likely need to configure a DNS server as well. This can be done within Windows Server itself or by using an external DNS server. Ensure that all virtual machines are configured to use the correct DNS server address to properly resolve domain names.

3. Virtual machine resources: Make sure to allocate sufficient resources (CPU, RAM, disk space) to each virtual machine based on the expected workload. This will ensure smooth operation and performance during your system administration training exercises.

4. Snapshotting: Consider taking snapshots of your virtual machines at various stages of your training. Snapshots allow you to revert back to a specific state if something goes wrong during your experiments or if you want to start from a known configuration.

5. Backup and recovery: It is essential to regularly back up your virtual machines to prevent data loss. You can use built-in backup tools or third-party solutions to create backups of your virtual machines and their configurations.

6. Networking and firewall considerations: As you explore penetration testing, remember to isolate your lab environment from your production network. Be cautious when exposing any virtual machines or services to the internet, as they may contain vulnerabilities. Also, maintain proper security practices and follow ethical guidelines when conducting penetration tests.

7. Training resources: There are many online resources available to help you learn and practice system administration skills. Utilize tutorials, documentation from software vendors, virtual laboratories, and forums to deepen your understanding and troubleshoot any issues you encounter.