VMware Cloud Community
RovingReporter
Contributor
Contributor
Jump to solution

ESXi 5.1 Connectivity

Hey everyone,

On the server, I'm trying to set up, I'm lacking internet connectivity for my guests. When I have my provider reload the ESXi 5.1 image, it loads with the default NIC tied to the management network. All connections to the host are fine via vSphere Client.

However, I tried adding a VM Network, and tied a NAT to my guest with no luck.  All the hardware, including the NIC, is on the HCL, so that shouldn't be a problem.

Any ideas on what I'm missing? Thanks!

Tags (3)
Reply
0 Kudos
1 Solution

Accepted Solutions
a_p_
Leadership
Leadership
Jump to solution

Welcome to the Community,

each guest requires its own unique IP address. You cannot NAT to a guest through the Hypervisor/Management IP address. What you could do - this however requires at least one additional public IP address - is to setup a firewall/NAT appliance like pfSense on the ESXi host with a connection to the public network as well as a private (internal only) vSwitch to which you connect the other VMs.

André

View solution in original post

Reply
0 Kudos
5 Replies
a_p_
Leadership
Leadership
Jump to solution

Welcome to the Community,

each guest requires its own unique IP address. You cannot NAT to a guest through the Hypervisor/Management IP address. What you could do - this however requires at least one additional public IP address - is to setup a firewall/NAT appliance like pfSense on the ESXi host with a connection to the public network as well as a private (internal only) vSwitch to which you connect the other VMs.

André

Reply
0 Kudos
RovingReporter
Contributor
Contributor
Jump to solution

Thanks for the reply Andre.

So I need to ask my provider to provision my server with another IP, in which I can use to set up pfSense?

Are there any good recommendations running pfSense concurrently with ESXi?

Reply
0 Kudos
a_p_
Leadership
Leadership
Jump to solution

In the scenario I'm thinking of you won't run pfSense concurrently to ESXi, but as a virtual machine on ESXi.

With two public IP addresses available you can assign one of them to the ESXi host (Management Network) and one to the public interface of the pfSsense VM. Your setup would then look like this:

  • vSwitch0 (with a physical uplink) with the Management port group (first public IP address assigned) and a Virtual Machine port group (Public)
  • vSwitch1 (no physical uplinks) with only a Virtual Machine port group (Private)

The pfSense VM connected to both VM port groups. To vSwitch0 using your second the public IP address and to vSwitch1 with a private IP address. All the virtual machines will only be connected to vSwitch1 with a private IP address. To access them you'd then need to define NAT rules on the pfSense firewall.

André

RovingReporter
Contributor
Contributor
Jump to solution

Excellent, I'll do that then. Finally, would the option of my provider offering a VLAN negate the need for a secondary IP/pfSense? Would that be a better option?

Reply
0 Kudos
a_p_
Leadership
Leadership
Jump to solution

Hard to say without knowing what's behind the VLAN offer. Depending on how many VM's you want to deploy and how you want to access (and secure) them, it may be sufficient to just purchase some additional public IP addresses (one for each VM). In this case you certainly wouldn't need the firewall for NATting.


André

Reply
0 Kudos