I've been trying my heart out to get multiple VLANs trunked to ONE instance of Kerio Control configured on a Hyper-V host. I think I've got the config correct on the Hyper-V side - using PowerShell to configure trunking through one physical NIC and then assigning it to my Kerio VM. But, it just does not want to talk.
Does this have anything to do with the fact that you have to assign a static MAC address to the Network Adapter in the Kerio VM Settings? If that's the case, then the VM wouldn't allow multiple MACs for different VLAN interfaces through one NIC, which would make communication impossible.
If someone can please give me an answer, that would be greatly appreciated. It's mostly for my sanity, but also for a customer I had who tried to configure it this way, and we ended up installing multiple instances of the Kerio VM and assigning each to their own virtual switch/VLAN. It would be nicer to have one instance of Kerio and trunk all the VLANs through one NIC.
I, too, run Kerio Control within a Hyper-V virtual machine and I'm using multiple VLANs to communicate between it and another Hyper-V VM running a different software router/firewall with features not available in Kerio. In my case, the VLAN adapters are configured on a private virtual switch, whereas in your case, they would be configured on an external virtual switch.
In my Hyper-V configuration, I created a private virtual switch called VLANTrunk. I assigned that switch as adapters in both the Kerio and other router/firewall VMs. The adapters are configured with static MAC addresses and MAC address spoofing enabled.
For each VM, I ran the following PowerShell cmdlet:
Set-VMNetworkAdapterVlan -VMname $VMName -VMNetworkAdapterName $VMNetworkAdapterName -Trunk -AllowedVlanIdList "vlan number" -NativeVlanId "vlan ID"
So, for the Kerio VM (named "Kerio"), the above looked like this:
Set-VMNetworkAdapterVlan -VMname Kerio -VMNetworkAdapterName VLANTrunk -Trunk -AllowedVlanIdList 100-199 -NativeVlanId 10
This allows up to 100 VLANs (numbered 100 to 199) to be defined within the VM. (The NativeVlanId of "10" was arbitrarily chosen.)
I checked the VLAN assignment with:
Get-VMNetworkAdapterVlan -VMName Kerio
Within Kerio, I created multiple VLAN adapters using adapter VLANTrunk as the parent. Though they all have the same MAC address, there's no conflict because they operate on different, segregated networks. I had no need to override any MAC address as is allowed in Kerio's advanced adapter configuration.
Is there any equipment (e.g., a switch) in the traffic stream that is not 802.1Q VLAN tagging compliant?
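The settings described in the reply above (trunk mode, allowed VLAN list, static MAC, MAC address spoofing) can be checked in one pass on the Hyper-V host. This is an added example, not part of the original posts: the function name Test-VlanTrunkAdapter and the three VLAN IDs passed to it are hypothetical, while the VM and adapter names are the ones from the reply.

```powershell
# Added example: audit one VM adapter against the trunk setup described in the reply.
# Run in an elevated session on the Hyper-V host (Hyper-V PowerShell module required).
function Test-VlanTrunkAdapter {
    param(
        [Parameter(Mandatory)] [string] $VMName,
        [Parameter(Mandatory)] [string] $AdapterName,
        [Parameter(Mandatory)] [int[]]  $ExpectedVlanIds   # VLAN IDs defined inside the guest
    )

    $problems = @()   # settings that differ from the described setup
    $notes    = @()   # hardening observations that do not break connectivity

    $nic  = Get-VMNetworkAdapter -VMName $VMName -Name $AdapterName -ErrorAction Stop
    $vlan = Get-VMNetworkAdapterVlan -VMName $VMName -VMNetworkAdapterName $AdapterName

    if ($vlan.OperationMode -ne 'Trunk') {
        $problems += "Adapter is in $($vlan.OperationMode) mode, not Trunk"
    } else {
        # Every VLAN the guest uses must be in the trunk's allowed list.
        $missing = @($ExpectedVlanIds | Where-Object { $_ -notin $vlan.AllowedVlanIdList })
        if ($missing.Count) { $problems += "VLANs not allowed on trunk: $($missing -join ', ')" }

        # Allowed-but-unused IDs widen what the guest can reach; report them for trimming.
        $unused = @($vlan.AllowedVlanIdList | Where-Object { $_ -notin $ExpectedVlanIds })
        if ($unused.Count) { $notes += "$($unused.Count) allowed VLAN IDs are not used by the guest" }
    }

    if ($nic.DynamicMacAddressEnabled)    { $problems += 'MAC address is dynamic, not static' }
    if ($nic.MacAddressSpoofing -ne 'On') { $problems += 'MAC address spoofing is not enabled' }

    [pscustomobject]@{
        VMName   = $VMName
        Adapter  = $AdapterName
        Mode     = $vlan.OperationMode
        Allowed  = $vlan.AllowedVlanIdListString
        Native   = $vlan.NativeVlanId
        Problems = $problems
        Notes    = $notes
        Matches  = ($problems.Count -eq 0)
    }
}

# 'Kerio' and 'VLANTrunk' come from the reply; 100, 101, 102 are constructed sample IDs.
Test-VlanTrunkAdapter -VMName 'Kerio' -AdapterName 'VLANTrunk' -ExpectedVlanIds 100, 101, 102
```

Running it against each VM on the trunk shows at a glance which side deviates; the Notes field flags an allowed range wider than the VLANs actually in use, which can then be narrowed with Set-VMNetworkAdapterVlan.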