Creating A Sandboxed Local Virtualization



This article explains how to test virtual machines in a sandboxed environment.

When configuring the virtualization, set an IP scheme that has no association with the production network. Otherwise, the VM could cause networking or domain conflicts in the live environment.

1. Starting a Local Virtualization

Follow these steps to perform a sandboxed local virtualization:

1. From the Datto appliance GUI, click the Restore tab.

2. Select the machine, restore type, and snapshot of your virtual machine instance.

3. After a few seconds of processing the VM, the browser will refresh and display a Connect via RDP link.

4. Click this to download an RDP file.

5. Open the file to connect directly into the virtual machine.

1.1. Connect to the VM via RDP

  • You can connect to any VM via RDP.
  • These RDP connections will work regardless of the type of network adapter configuration, including the default Disconnected network adapter.
  • The RDP link provides a connection into the SIRIS device's virtual box host service and not directly into the VM itself.
  • If the virtual machine is rebooted, the RDP connection will not be lost. 

1.2. Backing up a Virtualized Machine

  • You can back up a virtualized server while running a VM off of a Datto appliance.
  • The Datto appliance will take a new base image of the local virtualization.
  • Make sure that the backups resume once the machine has been stabilized.
  • Repeat this whenever you are attempting to restore the virtual machine to either a physical or virtual environment.

1.3. Virtualization Storage Controller

1.4. Virtualization Network Controller

  • The Datto appliance GUI allows you to choose the Virtualization Network Controller that the VM will use as its NIC driver.
  • This option can be selected from the Advanced Options for each protected system in the Agents tab.
  • You can change this setting if a VM is unable to acquire any type of network connectivity when set using any of the network configurations (excluding disconnected). See Agent Configuration - Virtualization Network Controller for more information.

1.5. Video Controller Options

The Video Controller Options menu allows you to choose between VGA and Cirrus controllers. By default, VGA is selected. The Cirrus option is primarily intended for compatibility with legacy systems.

1.6. Create Rescue Agent

Selecting this option allows you to create a virtual Rescue Agent from the selected snapshot of a Source Agent, and take crash-consistent backups of your disaster recovery VM. This feature creates a new backup agent on the Protect tab of the Datto appliance's GUI, and writes all of the Source Agent's configurations and data changes to automatic incremental snapshots. See the Restore: Create Rescue Agent article for additional information.


2. Creating the Sandbox

  • You can start VMs in a sandbox with Internet access by selecting the Bridged option.
  • This will use an internal network that allows communication between VMs with WAN connectivity.

2.1. Hardware Needed

  • To create an isolated environment, the Datto appliance needs a separate network segment to allow for communication of the virtual machines.
  • You will need to create an isolated subnet for the VMs to gain Internet access.
  • The network circuit should be configured to act as a demilitarized zone (DMZ) and then connected directly to the Internet for WAN access.
  • Create the default gateway on the router that is connected to the Internet. Assign it via the router interface.
  • You will need another cable to connect a secondary NIC from the device to this switch. This acts as a secondary gateway.

2.2. Starting the VMs

1. Set the secondary NIC up on the device to act as a VirtualBox adapter. You'll want to set this as a secondary device with a second subnet.

2. Create the VM from the Restore tab as normal.

3. Set it up to be bridged to a secondary ethernet device that will act as the gateway for the environment.

4. Once the VMs are spun up, log into them, and configure their IP addresses to be on a separate subnet.

5. Verify the connectivity between the VMs, and then check their connectivity to the Internet.


Was this article helpful?

3 out of 5 found this helpful

You must sign in before voting on this article.

Calling all Partners! We want to hear your feedback! Please participate in this quick survey and help us build a better, more-relevant Knowledge Base!

Want to talk about it? Head on over to our Community Forum!