PowerShell Function to Prevent Starting Hyper-V VM’s that are Connected to an External Network

Beginning with Windows 8 (Professional and Enterprise Edition), Hyper-V is available on workstations that have a processor that supports SLAT (Second Level Address Translation). For specifics about the requirements, see the Client Hyper-V blog article on Microsoft TechNet. That means you have a Hypervisor running right on your desktop or laptop computer for free. With the price of hardware these days, your regular everyday computer can be spec’d out with an i7 processor, 16 gigabytes of memory, and one or more solid state drives and in addition to performing your everyday work on it, you have an awesome test environment without the need for additional physical computers.

Thanks to the server core (no-GUI) installation of newer versions of Windows Server, you can run a number of VM’s on the previously referenced hardware with no issues. I have a domain controller, web server, and a couple of SQL servers all running on Windows Server 2012 R2 with the server core installation. I also have more than a half dozen test Windows 8.1 machines on that same hardware, all of which can be running at the same time if needed thanks to Hyper-V’s dynamic memory feature.

All of that is well and fine until you decided to run something like the DHCP Server role on one of the servers in that test lab environment. Accidentally connect it to an external network and it could reap havoc on your production network to say the least.

That’s why I created the following function to only boot VM’s that are connected to internal or private network. It will also start VM’s that are not connected to a network.

In the following example, an attempt is being made to start the VM’s named DC01, SQL01, PC01, and PC02. The VM’s are being specified via parameter input. DC01 is connected to an internal virtual switch, PC01 is set to “Not Connected” on its network adapter, PC02 is set to a private virtual switch, and SQL01 is set to an external virtual switch.


Same network settings in the following example. This time DC01 is already running. The same computers are specified in this example except via pipeline input this time:


And this time, the Get-VM cmdlet which is part of the Hyper-V PowerShell module is being used to specify the VM’s and the output of that cmdlet is being piped to my function.


Notice in the previous example, the verbose parameter was specified so you could see what VM’s are attempting to be started.

You may be wondering how to get external network access so you can access the Internet on your VM’s without connecting them directly to an external network? I use Internet connection sharing as referenced in this blog article on MSDN. Even though that blog references a wireless adapter, the same procedure can be used for a wired adapter as well.

I would also like to thank Dave Wyatt for the feedback he provided on the PowerShell.org forums for my Start-MrVM function.


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: