Contributor

Moving to ESXi 6.5 is having firewall/networking issues


I moved from ESXi 4 to 6.5 and everything works fine except the VPN connection. To establish the VPN connection I used Endian Firewall 2.3, which is installed as a virtual machine inside ESXi.

Before this upgrade my IT infrastructure used ESXi 4 and everything worked; after the upgrade to ESXi 6.5 the OpenVPN (provided by Endian Firewall) can establish the connection, but the PCs inside the intranet are not reachable (neither ping nor RDP works) by the client from outside. I tried using the same VM (physically) of Endian Firewall and also installing the last version: the problem is the same.

Does anyone have an idea of what could be the reason for this problem? What has changed in the security/networking model of ESXi 6.5 (compared with 4) that could cause this problem?

Thanks in advance

Roberto

0 Kudos
1 Solution

Accepted Solutions
Enthusiast

I have seen similar behaviour with L2 VPNs terminating on a VM. Have a look at the Security Policy of your vSwitch or Port Group that might be involved.

Configure the Security Policy for a vSphere Standard Switch or Standard Port Group

The problem here is that there will be a frame coming from the VM but with a MAC not associated with the VM itself.

Martin Gavanda https://martingavanda.com https://learnvmware.online


0 Kudos
2 Replies
Contributor

Hi Martin,

The problem was related to the vSwitch promiscuous mode, which was disabled. After enabling promiscuous mode, everything works like a charm.

Thanks a lot for the hint!

Bye

0 Kudos
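Added example, not part of the thread and not code from either poster: a PowerCLI sketch that reviews the security policy discussed above and limits promiscuous mode to one dedicated port group for the firewall VM instead of the whole vSwitch. The host name, vSwitch name and port group name are placeholders, and an existing `Connect-VIServer` session to the host is assumed.

```powershell
# Added example. All names below are placeholders chosen for illustration.
# Assumes a PowerCLI session already opened with Connect-VIServer.
$vmHost   = Get-VMHost -Name 'esxi01.example.local'   # placeholder host name
$vSwitch  = Get-VirtualSwitch -VMHost $vmHost -Name 'vSwitch0' -Standard
$fwPgName = 'VPN-Firewall'                            # placeholder port group name

# 1. Report the security policy of every port group on the vSwitch.
#    "*Inherited" = True means the value is taken from the vSwitch.
Get-VirtualPortGroup -VirtualSwitch $vSwitch |
    Get-SecurityPolicy |
    Select-Object VirtualPortGroup,
                  AllowPromiscuous, AllowPromiscuousInherited,
                  ForgedTransmits,  ForgedTransmitsInherited,
                  MacChanges,       MacChangesInherited |
    Format-Table -AutoSize

# 2. Keep promiscuous mode rejected at the vSwitch level, so every port
#    group that inherits its policy cannot see other VMs' frames.
$vSwitch | Get-SecurityPolicy | Set-SecurityPolicy -AllowPromiscuous $false

# 3. Use a dedicated port group for the firewall VM's internal NIC
#    (created here if it does not exist yet).
$fwPg = Get-VirtualPortGroup -VirtualSwitch $vSwitch -Name $fwPgName `
            -ErrorAction SilentlyContinue
if (-not $fwPg) {
    $fwPg = New-VirtualPortGroup -VirtualSwitch $vSwitch -Name $fwPgName
}

# 4. Override the inherited value on that port group only.
$fwPg | Get-SecurityPolicy | Set-SecurityPolicy -AllowPromiscuous $true

# 5. Check: list any other port group that still accepts promiscuous mode.
#    An empty result means only the firewall port group is opened up.
Get-VirtualPortGroup -VirtualSwitch $vSwitch |
    Get-SecurityPolicy |
    Where-Object { $_.AllowPromiscuous -and
                   $_.VirtualPortGroup.Name -ne $fwPgName } |
    Select-Object VirtualPortGroup, AllowPromiscuous, AllowPromiscuousInherited
```

The firewall VM's internal network adapter then has to be attached to the dedicated port group; VMs left on the other port groups keep the stricter inherited policy.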