Linux machines and VMware ESXi hosts not working on pfSense



  • Hello,

    Today we started to use pfSense. Everything is going okay. We are using Squid, SquidGuard, pfBlockerNG. I imported the pfSense CA certificate on Windows machines, and they have internet connection. But we have 2 problems:
    1. Linux machines cannot open websites. I can ping 8.8.8.8, but cannot ping google.com.
    2. I cannot access my VMware ESXi hosts via vSphere Client. I type username and password, but I can't access.

    Our previous router is Mikrotik. Could you please help me to solve this issue? Thank you in advance.



  • Hi,

    Don't worry, pfSense works fine for any device, and was installed OK. It's just a question of 'settings'.
    I'm using several OSes, and none have problems accessing the net, or any particular site.

    You use a virtualization installation, so have a look over there.



  • 1. Linux machines cannot open websites. I can ping 8.8.8.8, but cannot ping google.com

    You have a DNS problem.

    2. I cannot enter my VMware ESXi hosts. I type username and password, but I can't access.

    What does this have to do with pfSense?



  • 1. I don't think it is a DNS problem, because I have imported the CA certificate on each Windows machine and websites can be opened. No problem here. But Linux machines cannot open websites. Can this problem arise due to the missing CA certificate on the Linux machines?

    2. I have installed pfSense 2.4.3 on a physical server, not on a virtual machine. My previous router was Mikrotik. We were able to access all VMware ESXi hosts inside our network. But today we have started to use pfSense. I can ping our VMware ESXi hosts but cannot access them. Then I began to use Mikrotik again, and now I can access the VMware hosts. What can cause this to happen?



  • I don't think it is a DNS problem. Because I have imported CA certificate on each Windows machine and websites can be opened.

    What does that have to do with not being able to ping based on FQDN? Squid and certificates and websites have nothing to do with ping. You said you could ping 8.8.8.8 but not google.com. That is almost always a DNS issue.

    We were able to access all VMware ESXi hosts inside our network.

    You should have your clients set to not use the proxy for local addresses. No reason for that traffic to go through a proxy server.



  • To set clients not to use the proxy for local addresses, do I have to add the IP address of the VMware ESXi hosts in the "Bypass proxy for these source IPs" field in Squid?



  • Yes, or you can use wildcards to exclude your entire subnet or domain, like this:

    .local;192.168.



  • I will try this at work tomorrow. Note: I am using vSphere Client to connect to VMware ESXi machines.