If you can work around this (I've never tried...), you will have to be very certain of what you're doing. HA will not be a problem - if the host fails, all of the VMs will be restarted on another host (assuming there's capacity) - make sure you set DRS affinity rules to keep them together. VMotion could be another can of worms! Do the VMs behind the firewall need to talk to each other? If so, then once you migrate one of them to another host, it will become isolated - there is no connectivity between the two vNetworks (isolated vSwitches) on the two hosts. While the IP configuration may work, it may be that nothing else does!

As an example, let's assume you have something like this:

(HOST 1) pNIC <-> vSwitch <-> Firewall VM <-> vSwitch (vNetwork) <-> Web Server | FTP Server | DNS Server | DB Server
(HOST 2) pNIC <-> vSwitch <-> Firewall VM <-> vSwitch (vNetwork) <-> <No VMs>

Now, what happens when you VMotion the DB server to the other host? You now have a configuration like this:

(HOST 1) pNIC <-> vSwitch <-> Firewall VM <-> vSwitch (vNetwork) <-> Web Server | FTP Server | DNS Server
(HOST 2) pNIC <-> vSwitch <-> Firewall VM <-> vSwitch (vNetwork) <-> DB Server

Your DB Server is now isolated behind a vSwitch (with the same name on both hosts...), but it can't talk to anything - and nothing can talk to it. Are you sure this is what you want?

Ken Cline
Technical Director, Virtualization
Wells Landers
VMware Communities User Moderator

Thanks Chris! I didn't think it was supported...just too lazy to look for the KB article.

Ken Cline
Technical Director, Virtualization
Wells Landers
VMware Communities User Moderator