Netgate Discussion Forum

    getting esxi management behind web access i pfsense

    • torefloo

      I have a dedicated server in a datacenter environment. I installed ESXi on it, and I configured a virtual pfSense on this ESXi. I have completed the pfSense configuration, and other virtual machines are communicating successfully from behind pfSense. But I want to get the management of the existing ESXi behind pfSense and give it a private local IP instead of the public IP on the web; it will be safer and I won't get attacked.

      Is it possible, and how can I do this?

      • stephenw10 Netgate Administrator

        You should be able to set up an additional virtual NIC for the host to use as access and then set up the real NIC as passthrough to the pfSense WAN. That way the ESXi management would not be available on the public IP. Is that what you mean?
        It would be VERY easy to lock yourself out making that change though, so make sure you have some OOB access to the server before attempting it.

        Steve

        • stephenw10 moved this topic from General pfSense Questions on
        • torefloo @stephenw10

          @stephenw10 Firstly, the datacenter gives us an uplink port with a single cable.
          Yes, I created a vmkernel on ESXi to connect the uplink port to the actual NIC port. I also created another vmkernel, selected the pfSense LAN leg as the port group and assigned the local IP. But after defining the local IP, when I delete the port facing the physical NIC, all my connections are gone. So in this case, I just need to remove the management tick on the vmkernel that looks at this physical NIC and has a public IP definition without deleting it.
          Yes, I have access to the server from the iDRAC port, by the way, in order to be able to intervene if there is an interruption.

          • stephenw10 Netgate Administrator

            I can't really comment in detail here. I don't use ESXi myself.

            Do you still have access to the pfSense WAN after making that change?
            What connections are you actually losing?

            Obviously access to the management would then be via port forwards or VPN etc so connections there would have to be remade if that was not already in place.

            Steve

            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.