VMware Cloud Community
BenSchowe
Contributor

VPN connection vSphere to company network

Hi all,

We have a small company network with a UniFi Dream Machine Pro (UDM Pro) as the internet gateway. The UDM can serve as a VPN server for different VPN flavors.

We have now rented a dedicated server in a datacenter. We installed ESXi + vSphere on this server.

Is it possible to connect our new vSphere server to our company network via VPN? How?

If so, could we use multiple VPN connections to connect virtual networks to different VLANs in our company network?

Kind regards

Ben

BenSchowe
Contributor

I found the solution in this thread on serverfault.com https://serverfault.com/a/450862 

I'll cite MDMarra's answer here:

No. You can't install third party services like a VPN client on the hypervisor.


This is what you need:

  • A management IP address for ESXi itself. This can be public, or it can be private, as long as you can reach it to manage. If it's public, make sure it's firewalled off well.

  • A VM to act as a VPN gateway (OpenVPN, pfSense, RRAS, whatever)

  • At least one public IP address for a VM to act as the VPN gateway.

  • A public vSwitch that has the public interface for your VPN gateway VM.

  • A private vSwitch that the rest of your "private only" VMs connect to.

You'll connect your VPN VM to both vSwitches and configure routing through it. This way, you'll tunnel to a VM that has access to both the public network (so that you can VPN into it) and the private network so that your VMs aren't exposed to the outside world unnecessarily and you won't need public IPs for all of them.

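A check of a planned layout against the design in the quoted answer, as an added example that is not part of the original post or of MDMarra's answer. The vSwitch and VM names are constructed sample data, and treating the private vSwitch as having no physical uplink is an assumption.

```python
# Added example: audit a planned ESXi layout against the gateway-VM design.
# All vSwitch and VM names are constructed sample data.

def audit(vswitches, vms, gateway, public, private):
    """Return a list of findings; an empty list means the layout matches.

    vswitches: {name: [physical uplink NICs]}
    vms:       {vm name: [vSwitches the VM has a vNIC on]}
    """
    findings = []
    # Assumption: the private vSwitch is internal-only (no physical uplink),
    # so traffic can leave it only through the gateway VM.
    if vswitches.get(private):
        findings.append(f"{private}: has uplinks {vswitches[private]}")
    if not vswitches.get(public):
        findings.append(f"{public}: no uplink, gateway unreachable")
    attached = set(vms.get(gateway, []))
    for needed in (public, private):
        if needed not in attached:
            findings.append(f"{gateway}: not attached to {needed}")
    # Only the gateway VM may have a vNIC on the public vSwitch.
    for vm, nets in sorted(vms.items()):
        if vm != gateway and public in nets:
            findings.append(f"{vm}: attached to {public}, bypasses gateway")
    return findings

GOOD_SWITCHES = {"vSwitch-Public": ["vmnic0"], "vSwitch-Private": []}
GOOD_VMS = {
    "vpn-gw": ["vSwitch-Public", "vSwitch-Private"],
    "app01": ["vSwitch-Private"],
    "db01": ["vSwitch-Private"],
}
# Constructed misconfiguration: db01 dual-homed, private switch given an uplink.
BAD_SWITCHES = {"vSwitch-Public": ["vmnic0"], "vSwitch-Private": ["vmnic1"]}
BAD_VMS = dict(GOOD_VMS, db01=["vSwitch-Public", "vSwitch-Private"])

if __name__ == "__main__":
    for label, sw, vm in (("good", GOOD_SWITCHES, GOOD_VMS),
                          ("bad", BAD_SWITCHES, BAD_VMS)):
        result = audit(sw, vm, "vpn-gw", "vSwitch-Public", "vSwitch-Private")
        print(label, result or "OK")
```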