Solved: Re: How to isolate guest VMs from production netwo...

BillClarkCNB · ‎12-30-2021

ESXi 6.5 on 5 different hosts in production. I want to create an isolated environment/network where I can restore two old guest VMs(to the same host), one of them being an Active Directory server. They will be restored to the existing production SAN due to their size. I don't want ANY network access to or from these guest VMs, just for them to be able to communicate with each other and accessible via the vSphere Remote Console. Can this be done?

IRIX201110141 · ‎12-31-2021

Yes for sure.....

Pull out the virtual network cable eg. press the disconnect button for the virtual NIC
Create a a new Portgroup and name it "INTERNAL_ONLY" and remove all Uplinks. After restoring or during(depends on the Backup software) reconfigure the vNICs of the VM to use this Portgroup instead of the original one. All VMs which using this PG are able to see each other as long as they are on the same Host
Well with vDS there are Private vLAN but these are a massive overkill for your request

I should choose method 2 because of youre requirement to restore multible VMs and they needed to communicate to each other.

Regards,
Joerg

View solution in original post

IRIX201110141 · ‎12-31-2021

Yes for sure.....

Pull out the virtual network cable eg. press the disconnect button for the virtual NIC
Create a a new Portgroup and name it "INTERNAL_ONLY" and remove all Uplinks. After restoring or during(depends on the Backup software) reconfigure the vNICs of the VM to use this Portgroup instead of the original one. All VMs which using this PG are able to see each other as long as they are on the same Host
Well with vDS there are Private vLAN but these are a massive overkill for your request

I should choose method 2 because of youre requirement to restore multible VMs and they needed to communicate to each other.

Regards,
Joerg

All

How to isolate guest VMs from production network?

esxi 6.5

network