Hello, I installed NSX 6.2.7 for McAfee agentless purposes. Our DNS is not on the same network as our ESXi. Can we configure 2 NICs on NSX Manager? Or can we manage the host file on NSX Manager? Thank you.
DNS doesn't need to be on the same subnet as the ESX host; it may use the default gateway. Why does it need to be on the same subnet?
We are not using our gateway for cross networking; it's against our rules for this specific network. Our gateway is a firewall.
I found that we can use Tech Support Access and change the NSX hosts file... not supported... I will test it.
Understand your gateway is a firewall so I assume NSX Manager default gateway is your firewall.
You can add a rule in the firewall to allow NSX Manager to access DNS server.
Editing the host file in NSX Manager means you would need to drop down to the Engineering Mode in NSX which requires VMware support, not sure if that's supported.
Another option would be to create a dedicated small DNS server for this that is reachable by NSX Manager and all NSX + vSphere components.
You would want to make sure that all NSX and vSphere components are resolvable via DNS, else some of the NSX installation may not work, as they may rely on DNS to resolve each other.
Hi Bayu, yes, you're right, my gw is a firewall and we are not allowed to cross-connect networks (mgmt and data).
I'm waiting for an answer from VMware support about adding a second NIC or modifying the host file, if it's supported...
Adding a second read-only dual-homed DNS server is a good idea; our security department needs to approve this solution.
Thank you for your help.
How is using multiple NICs connected to different VLANs in a VM better or more secure than using L3 routing to get to the resource you need? I strongly advise you to reconsider.
NSX can't manage dual home. Second DNS will be the way to solve our issue.