Your pfsense wan network is the same as the pfsense lan network??  That shouldn't be working at all to be honest.. if you wan network is 192.168.1.0/24 then lan should be say 192.168.2.0/24

As to connecting your lan of pfsense to your physical network.. Yeah that is how you would do it.  Can you post up your esxi network.. example here is mine minus seeing the dmz vswitch which is not tied to physical network at all.

So my pfsense wan is public IP from ISP, that physical interface is directly connected to cable modem.

lan is 192.168.1.0/24 and connected to my physical switch and all devices on my lan that are on 192.168.1.0/24 and use pfsense vm interface at 192.168.1.253 for their gateway.

wlan is connected to my wireless APs

I have broken out my vmkern portgroup to be on its own switch and connected to its own physical interface - just because I had the extra physical nic to play with on the esxi box, and breaking out makes it perform a bit better when moving files to and from the datastore.  This physical nic is connected to the same physical switch the lan nic is connected too.

Post up your esxi networking setup and will fix you right up - but you have the same network on pfsense wan as you do lan – which is not correct to start with.

example-esxi.png
example-esxi.png_thumb

@ren22:

i hope we get soon pfSense on freebsd9 or 10 running with better XEN support :D
thanks

I think the real strategy here is to wait until pfSense 2.2 (based on FreeBSD 10) for real Xen support.

I really don't know what happened, but eventually, the connection surfaces. I mean, I always have an internet connection, the bug came when I upgraded to 2.1. So did not tried to check as to why, I turned off teh manchine may for 3 days and when I restarted it it has an internet connection. But I dont know, despite ofthe lusca in place, the internet from its LAN is quit very slow so, I just decided to go bear metal installation. I have a problem though ans I posted it as another topic.

Well what IP did you put on the dmz interface in pfsense?  That would be the gateway for that network normally.  And normally you would block traffic from dmz to lan, not lan to dmz.

dhcp can work on any  segment you want it to work on - you just have to enable it and set it up on pfsense.

Try to run the host in ACPI safe mode and then reboot and see of it stays online.

Please see the ESF response: https://forum.pfsense.org/index.php?topic=73258.msg402614#msg402614

vSwitch1 -> Properties -> Add

Connection Type - VMKernel

Name: Internal Management Network
Use this port for Management Traffic - Tick

Network Type - IP

Add in dedicated info with pfsense ip as gateway

I think that is what your looking for. I dont have a local Exsi to test on and my servers are remote in another country so cant mess around with these settings to confirm for you.

It sounds like you have a race condition. Something basic: did you shutdown your existing non-pfsense router? It sounds like pfSense and some other device are competing, each getting a DHCP address from your ISP in turn (ie, your ISP only allows one active device at a time, the last one that renewed the IP).

why is pc2 connect to esxi?  Or is it also connected to your switch?

What is your network setup of vms on your esxi.

sure if you want to.. well your want to pfsense would be your wireless router.  So I have to assume 192.168.1.1 is your wireless routers IP?  So pfsense wan could just be dhcp and get that from your wireless router. Why would you think you need a static?  But I have to assume your wireless routers LAN is static on 192.168.1.1 - so what other router are you talking about?
4)  Is your "modem" as you call it just that or is it a NAT device as well..  What IP does your wireless router get on its interface connected to the "modem"

Edit: here is my esxi host network.  So pfsense wan is connected to vswitch wan, which in turn is connected to my esxi box phsyical nic vmnic1, while pfsense lan is connect to vswitch lan and physical nic vmnic2

And so on..  So my pfsense in my setup gets public IP on its wan interface from my modem which is connected to vmnic1, now my vmnic2 is connected to real switch where my physical devices like my workstation are connected to (your pc2 maybe?)

Can you post up your vmnetwork like what I posted so we have frame of reference to discuss your network.

vmnetwork.png
vmnetwork.png_thumb

mariosfx,

What virtualization technology are you using? I'm guessing Hyper-V since you mention WSrv 2008R2 (but it could be VMWare Workstation). Are you using the Legacy (deX) or Synthetic (hnX) network adapters?

The speeds you mention almost sound like you're maxing out on a 10 Mbps full duplex connection, either because it is connected to a switch that is slower than the physical NIC (or the switch is negotiating down to 10 Mbps connection), or the drivers being used by the VM think the network card is 10 Mbps (which is in itself irregular, since the Legacy adapter is supposed to be 100 Mbps).

I posted a much improved new version for the Hyper-V synthetic adapter drivers on Hyper-V ICS 1.0 (w/Synthethic Network Driver) for pfSense 2.1 & 2.1.1. You might want to give this VM a try. I've been running tests, and using my internal LAN (my ISP is nowhere near this fast), I've been able to get 2 Gbe throughput through pfSense (connected WAN and LAN to different internal networks and used sftp to move files around).

The unofficial aplha 2.2 images have now been removed!  :'(

@zootie:

What pfSense build are you using? The official build with legacy deX drivers or the custom build with synthetic hnX drivers?

In my experience when using legacy drivers, Linux and pfSense won't function if you have teamed adapters with VMQ or VMDq or other acceleration technologies enabled. For this environments, I ended up having to setup a team and virtual switch for legacy VMs (ie, a team of 2 for Windows VMs, and a single adapter or a team of 2 for Linux VMs).

In my environment, the synthetic drivers build works ok with teams based on Intel and Broadcom native teams. I haven't tried with Windows Server 2012 teams.

See http://forum.pfsense.org/index.php/topic,56565.msg362435.html#msg362435 for a synthethic driver build (and there are other variations).

I believe I have the synthetic build version, I have it assigned native hyper-v NICs and it's working great.  I tried disabling all the performance tweaks and it still has the same issue.

@johnpoz:

Well I run my pfsense host as vm on my esxi host as well - its a great way to run pfsense!

If you need more dmz devices just run them on the one host..

Yes it is a great way to run pfsense. Very minimum system requirements. I love it!

And I was thinking of just using one host for dmz. That would be the Host1 which pfsense is running on.

Just out of curiosity, if I did purchase a switch with VLAN, how would I configure the Host2 VM to run a other DMZ Guests? I may just purchase a new switch.

Plus, I would like to know how to configure this on more than one Host :)

^ yeah you should only point to dns that has records for your local domain.  Pointing to others that don't is going to cause grief.

"DNS info pointing towards both 8.8.8.8 and 192.168.1.1. "

That is bad configuration, unless the 192.168.1.1 is not authoritative for any domain.  Also just putting pfsense or any just hostname is not good idea, names should always be fqdn, ie something like headphones.local.lan, or headphones.name.tld where your local dns is authoritative for name.tld

You can setup your machines to have a search suffix, domain membership so when you put pfsense into your browser it queries for pfsense.yourdomain.tld

But pointing to 8.8.8.8 as a possible dns - your never going to be 100% sure which dns your client is going to ask, if he asks 8.8.8.8 for pfsense.yourlocaldomain.tld its not going to work.