pfSense in an ESX Environment (Using tagged VLANs, no physical ports)
My network topology is as follows:
I have a Cisco 1841 router connected to my ISP. The 1841 is also responsible for routing between my server and business VLANs. My servers are all virtualized in a VMware ESXi 6.0 environment.
I am trying to spin up pfSense in a completely virtual environment to provide UTM capability to my wireless guest network. As such, I am trying to segment it off completely from my other VLANs.
I have a /30 VLAN 201 going from my Cisco router to the pfSense VM on 10.201.0.0/30. I then have a 172.16.0.0/24 VLAN 200 going from pfSense to my AP. So pfSense will be NATing between these two LANs. I am simply trying to replicate two separate LANs using VLANs instead of physical ports, as I do not have that luxury in my environment.
I do have WAN connectivity from VLAN 201 from pfSense out to the Internet. I also verified that I am able to communicate with pfSense over VLAN 200 from my wireless client. However, I am not able to get address translation working from 200 to 201. pfSense just drops the traffic.
I do have NAT Outbound configured for this and can post my config if there are any questions. I also made sure to set the LAN firewall to allow any/any.
I am at a loss for this, so if anybody has any ideas, I would love to hear them.
Thank you!