VMware Cloud Community
pauleltoncv
Contributor

vlans, shared firewall

Hi, any help on this would be appreciated as I've been wrestling with documents and forum posts all week with no luck.

Overview:

Single ESXi host with DAS running Essentials.

Several identical Windows virtual domains running (DC and Server) - these are used as a lab environment and people connect over brokered RDP sessions so the backend is never public facing.

Each server now needs to have internet access, so I have implemented a firewall VM (m0n0wall).

I need each DC to use the shared firewall but at no point see the other DC VMs, as they are identical and it will obviously break due to duplicate names on the network. I achieve this by adding a NIC to each DC with the firewall as the gateway and letting the DNS use root hints (or the firewall as a DNS forwarder).

No part of the network is physical aside from the uplink from the internet provider. The rest of it is all virtual inside the host.

So I figure VLAN is the way forward, however I have tried every way I can find to achieve this with no luck.

My latest attempt was to create a vSwitch and add a bunch of port groups with an assigned VLAN ID (101, 102 etc).

I then tried adding the VLANs as virtual adaptors to the firewall. But despite the many possibilities I've tried, the DC VM will only communicate with the firewall if the inside NIC on the FW is on the same port group as the VLAN port group on the DC VM. I tried adding a port group of 4095 and assigning that to the inside interface of the FW VM, thinking that would then see all the other VLAN port groups; still no luck.

I've lost track of the configurations I've tested, but essentially none have worked despite working my way through many forum posts and KBs.

If anyone has any ideas please? I'm sure it's pretty simple however my networking experience is limited (when it comes to VLANs)

Thank you!

0 Kudos
0 Replies