When building vCenter which Port Group do I join it to


We are going to build our vCenter on a Windows server which will be one of the VMs in the Cluster.

We have isolated networks for management and VM traffic both being on different VLANs and Port Groups.

Do I configure the vCenter to have one NIC and attach it to the VM port group or do I attach it to the Port Group with the management VLAN, only it will have to communicate with DNS and AD etc.

or do I create 2 vNics  on the VM and attach it to both Port Groups

Whats best practice.

A copy of our network is below:

Hi Mike,

I assume your ESXi management vmkernel is on management VLAN, DNS & AD are also on Management VLAN.

In this case, you would only need the vCenter to be attached to the Management VLAN PortGroup.

In my opinion it is also not a good security practice to share Management VLAN with VM VLAN, vCenter should belong in the Management VLAN.

Do you have a requirement or reason why you would need to connect vCenter to the VM VLAN PortGroup

