I have a 10.x.x.x LAN set up on my ESXi environment. My home IP address setup is 192.168.x.x. I installed pfSense on a VM on the same ESXi server so I could NAT the 10.x.x.x VMs to my home 192.168.x.x network.
I can see the WAN Physical adapter on my home network as it is using DHCP to get an address.
PROBLEM: any other computer on the home network side cannot "contact" that IP address when using port forwarding or a PASS firewall rule for ICMP. Meaning, I cannot leverage the IP address. I cannot ping, ssh, or get to any VM in the 1.x.x.x virtual.
I have confirmed from the pfSense community online that my pfSense policies are set up correctly. But, for some reason, the home network port assigned to the WAN vSwitch/port group in the pfSense VM does not respond to anything. It has to be something simple on the VMware side. Any ideas or suggestions are appreciated.
Enable MAC address changes and Forged transmits on the portgroup that your pfSense VM is running on (in the Security part of the portgroup).
Example: (change to accept)
Thanks for the response. Do you mean change those settings to "Accepted"?
... and do this on both the WAN and LAN side of the pfSense VM?
I did set them to "Accept", but no change:
I'm kinda lost. I have some questions to try to understand your scenario a little bit more:
1- You have only 1 pNIC on the ESXi and it's connected to your router, right?
2- Everything is in the default VLAN for your router, also the internal configuration of pfSense? Remember, in ESXi VLAN 0 is what's considered 1 in the rest of the world.
3- Can the other VMs that are inside the portgroup with your pfSense ping the server?
4- From any other VM in the portgroup, can you ping the router outside?