Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    How secure is vmware ESXi with pfsense - noob question

    Virtualization
    2
    4
    2689
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      marian78
      last edited by

      Hi,

      i will planing try pfsense VM on ESXi. I want ask, how secure is ESXi with pfsense VM. Can i expose ESXi ethernet interface to internet? Can attakers compromise ESXi and  than LAN network or VMs?

      I can add to ESXi box ethernet ports assigned only for pfsense VM.

      pfsense runing in virtual, on HP N54L microserver, 2G RAM, 60G disk, WAN, LAN, DMZ, Wifi, OpenVPN server + client, suricata, pfblocker

      1 Reply Last reply Reply Quote 0
      • johnpozJ
        johnpoz LAYER 8 Global Moderator
        last edited by

        I would not suggest you expose your vmkern to the freaking internet no ;)

        What exactly do you think your exposing by running pfsense on vm?  Guess its possible if they exploit pfsense, and then there is some exploit to allow a VM to access the esxi host or other VMS then sure if your pfsense is compromised you could have issues.  But I would think if your firewall is compromised then you prob have other things to worry about of it could be exploited to also hit the host ;)

        Only thing that would be listening on your interent interface should be pfsense wan vm nic, etc.

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 23.09 | Lab VMs 2.7.1, 23.09

        1 Reply Last reply Reply Quote 0
        • M
          marian78
          last edited by

          I ask because i want only try it (i want learn something new).
          I want create pfsense VM and run it on ESXi. pfsense will have WAN, LAN and DMZ interface. ESXi will have vmnic0 for management ESXi connected to LAN, ESXi vmnic1 as pfsense WAN, vmnic2 as pfsense LAN and vmnic3 as pfsense DMZ. On ESXi also i want run Zoneminder VM appliance, Minecraft server VM appliance, TeamSpeak VM appliance.
          pfsense WAN (vmnic1) i want expose directly to internet (ISP).

          I interested if it is all secure, as if pfsense run on separate real PC. Is ESXi secure enough (i want expose vmnic1 to internet)?

          pfsense runing in virtual, on HP N54L microserver, 2G RAM, 60G disk, WAN, LAN, DMZ, Wifi, OpenVPN server + client, suricata, pfblocker

          1 Reply Last reply Reply Quote 0
          • johnpozJ
            johnpoz LAYER 8 Global Moderator
            last edited by

            Been running pfsense on esxi for years.. Hundreds if not 1000 is not 10's of thousands of people run routers/firewalls on VM.. Yes it a standard practice..

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 23.09 | Lab VMs 2.7.1, 23.09

            1 Reply Last reply Reply Quote 0
            • First post
              Last post