locked
Private network in SSP 2.0 template RRS feed

  • Question

  • I have a high-level template/network question re: SSP. I would like to set up templates and make them available to developers via SSP. I don't want the developers to have any outside network access so I'd like to limit the templates to a private network.

    Do I do this as follows?:

    1) Set up a vm on a virtual host that has the private network configured on it. Configure the vm to use the private network

    2) Create a template from the vm and make the vm available to developers in SSP (developers would have "Advanced Operator" role which would allow vm creation from the template)

    3) The same private network would need to be configured on all possible virtual hosts

    4) I'd like to give the developers the ability to configure the vms with their choice of IP addresses, etc. For example, they may need to set up multiple domains on different subnets, etc.

    I have read the "Adding or Editing a Network" section of the Datacenter Administration Guide and - after doing so - I'm still/more unclear on whether the above scenario is possible. As one small example, the aforementioned section (in the static IP section) seems to require a default gateway while I would expect that a private network wouldn't need a gateway and the procedure seems to require an ip address range be entered, when I want the developers/end-users to use whatever IPs they want which seems simpler (and safe since it's a private network)

    Thanks

    Wednesday, November 10, 2010 10:32 PM

Answers

  • Hi,

    You can use either SSP2 or the original portal for this. In either case the isolation is just based on the network you put the vms on. So you are correct in suggesting that you would put them on the same private network. If you are using only 1 hyper-v host, then you can possibly setup an virutal switch for these vms alone, and use that - otherwise i suggest you look at vlans.

     

    of course these vms may not have access to the web or other servers if you do not have a router in the network to get out of the segment.

    -d

     

    • Marked as answer by Yogesh C Tuesday, November 16, 2010 7:20 PM
    Friday, November 12, 2010 2:57 PM

All replies