I'd love some help since I just can't figure this out. I've converted a production server to a test environment and I've missed something with the network settings... here goes. I've got an ESXi 4.1 server with 1 guest, a Windows 2003 64-bit OS. I'm using vlan in all switches to separate the networks from each other. All vlans are pushed through to the guest OS where the trunk driver untags them to different virtual network cards. Vlan3 is then bridged (note! not in vmware) in the 2003 OS, together with another virtual network card connected to a vpn router. The idea is that all users who connect to vlan3 should be routed directly to the head office which is in the other end of that vpn. This works, so far as that the clients actually gets ip addresses from the head office dhcp. But I'm unable to ping anything passed vlan3 though. It's as if the host won't let any traffic (except dhcp) through. This is the setup: 172.24.19.145 -----> 172.24.19.10 -----> 172.24.19.1 Client                      Guest bridge        Vpn router I've tried changing the settings for the vswitch and the network card in the host and found that if I don't accept promiscous mode on them both, I won't even get a dhcp reply. And depending on how I set the "mac address change" and "forged transmits" I've even got the guest to get replies to ping from both the vpn router and the network behind it. But no matter what settings I choose I can't get the client to get any replies from either the guest or vpn router. As a sidenote; I have two other vlans on this guest as well, and they work perfectly this way. Except they connect to the internet and not to a vpn, and there's no network bridge involved. And, the production server has this setup working as well, except it isn't virtualised. Thankful for any and all help!