I would like to get familliar with installing a virtual network on a server that is physical (not virtual) machine running Windows Server 2012 R2. Currently it has only active directory running and it is a domain controller (if it matters).
So, I have read that if I need to add a virtual network on Win 2K12 R2 - I need first to install a Hyper-V role / feature? Is it true, and if it is - do I need a virtual machine to be able to create a virtual network or it could be done independently trough Hyper-V role / feature?
I would like to use that virtual network to connect VPN to it, and then NAT it trough firewall to the server.
Thank you all. All suggestions are welcome!
Yes, it is true that you need to install Hyper-V to add a virtual network. This can be done either through PowerShell or the "Virtual Switch Manager" window in Hyper-V Manager. You do not need to create a Virtual Machine to create a Virtual Switch, although the primary use case for Virtual Switches is giving network connections to Virtual Machines.
For detailed instructions on getting started with Hyper-V, I recommend the "Getting Started" guide in the official documentation for Windows Server 2016. It has pages describing how to create Virtual Machines and Virtual Switches. For more background on the topic, check out the Windows Server 2016 Virtual Switch Overview page. While you are on an older operating system, many of the concepts and steps are the identical.
Hopefully that's enough to get you started with your learning.
Past that, I don't completely understand your desired end state with VPN and NAT, so I can't comment on that aspect of the question. That said, I can say that attaching a Virtual Machine to a Virtual Switch on the physical adapter used by the VPN won't allow the VMs to tunnel out over the VPN. That said, it looks like a few people got it to work using Fiddler.
Disclosure: I work on the Hyper-V team at Microsoft.