• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

PfSense, VmWare ESXi and Virtual IPs

HA/CARP/VIPs
4
4
6.6k
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • M
    mzuc
    last edited by May 31, 2010, 12:33 PM

    Hi guys,
    I have a problem while setting up a firewall for my virtual infrastructure:

    I bought a dedicated server from my provider, who gave me 4 ips (the first is set on physical server's interface, then I have 3 more IPs to use with my virtual machines). I installed ESXi 4.0 on my server and then created a Virtual Machine using pfSense virtual appliance with 1 virtual network card. Then I set a custom MAC Address on this card as my ISP said (they gave me a tool to generate VmWare-style mac addresses and link each one of them to a single ip).

    The problem is that I want to assign all of these IPs to a single VmWare network card (that will be pfSense's WAN interface) in order to NAT them to other virtual machines following my needs. I tried to add them as additional ips (Virtual Ips) to my WAN interface but it doesn't work.

    The only ip that works is the one that I set as "PRIMARY" on my WAN interface (after linking it to that virtual mac address that ISP generated for me).

    Have you ever faced a problem like this?
    How can I solve?

    Thank you

    1 Reply Last reply Reply Quote 0
    • B
      bb-mitch
      last edited by Jun 7, 2010, 7:35 PM

      You may be seeing something similar to a problem I had - there was a promiscuous setting on the vmware network segment that had to be enabled - otherwise the guest OS could not add or change it's addresses.
      I could look for the setting if you can't find it but hopefully that helps?

      1 Reply Last reply Reply Quote 0
      • S
        Supermule Banned
        last edited by Jun 7, 2010, 7:42 PM

        If you use promiscuous mode, it just turns the virtual switch into a hub….thereby distributing all traffic to all ip's connected on that physical interface.

        If you have 4 ip's, VLAN them instead....Then you seperate them at the virtual switch an can use them for other machines.

        @bb-mitch:

        You may be seeing something similar to a problem I had - there was a promiscuous setting on the vmware network segment that had to be enabled - otherwise the guest OS could not add or change it's addresses.
        I could look for the setting if you can't find it but hopefully that helps?

        1 Reply Last reply Reply Quote 0
        • O
          overand
          last edited by Jun 8, 2010, 8:23 PM

          I'm not sure that what SuperMule is suggesting makes sense in this situation.

          This is where I'd suggest you start.

          In the VMWare VIC (virtual infrastructure client):

          On the HOST:

          Configuration - Networking

          Get 'properties' on the switch associated with these IP addresses.  Then, clicn on the vSwitch, and click "Edit"

          Under "Securty" - set all three (Promiscuous Mode, MAC Address Changes, Forged Transmits) to "Accept"

          PLEASE NOTE that this has security implications!  You may want to be more specific in how you configure this, etc.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.