MikeWright1971
Contributor
Contributor

When building vCenter which Port Group do I join it to

Hiya,

We are going to build our vCenter on a Windows server which will be one of the VMs in the Cluster.

We have isolated networks for management and VM traffic both being on different VLANs and Port Groups.

Do I configure the vCenter to have one NIC and attach it to the VM port group or do I attach it to the Port Group with the management VLAN, only it will have to communicate with DNS and AD etc.

or do I create 2 vNics  on the VM and attach it to both Port Groups

Whats best practice.

A copy of our network is below:

cheers Mike

final44pic.png

0 Kudos
1 Reply
bayupw
Leadership
Leadership

Hi Mike,

I assume your ESXi management vmkernel is on management VLAN, DNS & AD are also on Management VLAN.

In this case, you would only need the vCenter to be attached to the Management VLAN PortGroup.

In my opinion it is also not a good security practice to share Management VLAN with VM VLAN, vCenter should belong in the Management VLAN.

Do you have a requirement or reason why you would need to connect vCenter to the VM VLAN PortGroup

Bayu Wibowo | VCIX6-DCV/NV
Author of VMware NSX Cookbook http://bit.ly/NSXCookbook
https://github.com/bayupw/PowerNSX-Scripts
https://nz.linkedin.com/in/bayupw | twitter @bayupw