Netgate Discussion Forum

Another DHCP issue with VMs

L2/Switching/VLANs
    distengr
    last edited by distengr Jul 23, 2022, 5:10 AM Jul 23, 2022, 5:05 AM

    Hello Pfsense experts!

    I'm here after going through multiple posts related to DHCP not working, but I always seem to be either missing some information or the related post is not similar to what I'm setting up. Please excuse my English and lack of knowledge of basic networking. I'm trying my best to get up to speed with this and try to verify if my understanding is correct or not.

    This is the high-level architecture of my setup. With this configuration, my Asus access point has no issue working well and is able to pass through all the DHCP traffic to the devices which are connecting wirelessly. The only problem is the VMs which are running within ESXi. Choosing anything apart from the Trust. All the traffic is going through a TP-Link TL-SG108E switch (not sure if this is a bad switch since I heard it is?). Please help. I'm at my wits' end!!!

    HLDHomeLab.jpeg

    Below are the ESXi, switch and firewall configurations.

    ESXi
    ESXi-Portgroup.jpeg

    ESXi-Portgroup-Trust.jpeg

    ESXi-Portgroup-Client.jpeg

    ESXi-Porgroup-VMNetwork.jpeg

    ESXi-Porgroup-Untrust.jpeg

    ESXi-Porgroup-Trunk.jpeg

    ESXi-Porgroup-Server.jpeg

    ESXi-Porgroup-ManagementNetwork.jpeg

      distengr
      last edited by Jul 23, 2022, 5:07 AM

      Continuing from my previous post since I reached the image limit.

      Switch
      Switch-VLANConfig.jpeg
      Switch-PVIDConfig.jpeg

      Firewall

      Firewall-Interfaces-Client.jpeg

      Firewall-LAN.jpeg

      Firewall-Rules-Client.jpeg

      Firewall-Rules-LAN.jpeg

      Firewall-Rules-Server.jpeg

      Firewall-VLAN-Client.jpg
      Firewall-VLAN-Server.jpg

        distengr
        last edited by Aug 14, 2022, 5:56 AM

        I've finally managed to get this fixed, thanks to a kind soul found on the Internet. I basically got schooled (again!) on layer 2 traffic and, having an extra pair of eyes go through the firewall config, I found out what the problem was. I was basically trying to shoehorn VLAN traffic through the switch and causing a loop (even with loop prevention turned off). However, this was not affecting my regular traffic, which made me continue to troubleshoot and assume that my configuration was correct.

        Considering my requirement has been that VMs talk to each other and get updates over the internet and nothing outside of these VLANs, I added another interface to pfsense (trunk port) and in pfsense, changed the VLANs to be going through the new interface, rather than still pushing it through the physical LAN which I was trying to do. I now get DHCP AND the machines are able to reach out to the internet.

        Once I added the trunk network interface as an additional NIC, it showed up as a 3rd interface on pfsense, which showed as vmx2.

        ef00ec88-22ea-4b6e-a5cb-a5cd24c95b2e-image.png

        I used the third NIC to pass my VLAN traffic.
        97e9f5c0-4b2a-4482-8320-999d1e4bbdaf-image.png

        Earlier, I had configured VLAN to be going through vmx1, by letting the traffic go out through the LAN/Trust interface and then trying to get it back through the same port (since I didn't have another NIC free on ESXi). Now, all my VMs are getting the correct IP address range.

        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.