I'm running on ESXi 7, vSphere 7 (no NSX, etc). 

Setup:

pfSense 

+ switch (tp-link switches, vlan aware ... I have tagged all ports with vlan 107).

+ esx host (192.168.1.7)

My base subnet is 192.168.1.0/24, everything there is working well and is connected. I'm testing/playing with Kubernetes and with that I would like to be able to use another subnet as my public ips for the services.  I went with 192.168.107.0/24.

I created a base ubuntu vm, (put it on the std-0-kub-107 network) statically assigned 192.168.107.3, gateway of 192.168.107.3 ... but it can't reach anything and nothing can reach it.

From the ESX host I can ping the 107 interface on pfsense:

[root@esxi7:~] ping 192.168.107.1
PING 192.168.107.1 (192.168.107.1): 56 data bytes
64 bytes from 192.168.107.1: icmp_seq=0 ttl=64 time=0.466 ms
64 bytes from 192.168.107.1: icmp_seq=1 ttl=64 time=0.414 ms

--- 192.168.107.1 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.414/0.440/0.466 ms

I created a port group and assigned it to the VLAN .

[root@esxi7:~] esxcfg-vswitch -l
Switch Name Num Ports Used Ports Configured Ports MTU Uplinks
vSwitch0 6400 32 128 1700 vmnic0,vmnic3,vmnic2,vmnic1

PortGroup Name VLAN ID Used Ports Uplinks
std-0-kub-107 107 1 vmnic0,vmnic3,vmnic2,vmnic1
std-0-vlan-0000 4095 18 vmnic0,vmnic3,vmnic2,vmnic1

What step am I missing?