ESXi how to?
-
You have two choices and it will mostly depend on your machine and it's ability to facilitate Device Passthrough.
Your VNIC is attached to a Virtual Switch (which is attached to the physical LAN).
Are you using vSphere Client or Server? Are you using the free trial or a licensed version? If licensed what level (standard, basic, enterprise, enterprise plus, etc.) because it makes a difference what version of ESXi5 you are running.
This is an old setup (the first one I built) and I had the luxury of having 7 NICs on that machine so I kept one for the management interface because I had not yet figured out how to configure the thing.
I was very new at this (still am really) so I don't know if this is right, wrong, best practices, etc. but I seperated my WAN, LAN and Management Interface out separately. Each Interface connects to a virtual switch - because the hypervisor sits between the hardware and the guest OS (pfsense in this case) you can not directly assign a physical NIC to pfsense, you must assign a virtual NIC and then attach it to a virtual switch, which is attached to the physical NIC.
That's probably a really bad explanation and not best practices, etc. so I'm fully prepared to be flamed, made fun of and/or corrected for my misinfo.
Depending on what type of license you have you can use device passthrough and assign pfsense directly to one or two physical nics like you would if pfsense was running directly on hardware. I also assume that you could setup VLANs on a virtual switch and run your WAN and LAN interfaces through the same virtual switch attached to the same physical NIC… but I have no clue how to do that (yet).
If you see my vmnic1 adapter (with the "X") it means nothing is connected to that interface - but if I do connect a machine (or switch) to that interface then it'll function as part of the pfsense box's LAN just like the rest of the VMs on the HV.
Hope that sort of helps & also hope that someone else with a lot more experience comes in and corrects antyhing I botched.
-
Well I'm running it an issue and cannot figure it out. I beleive that I've properly setup my NICs and virtual switches but for some reason when trying to setup the interfaces in pfSense it gives a Network Interface Mismatch and says all NIC cards are an intel (i've got 1 intel and 2 realtek) with weird MAC addresses. And when I setup my interfaces pfSense doesnt detect any interface being up.
Am I missing something?
Im on 5.0 ESXi and have pfSense 2.0 release.
I've got 3 NICs that I'm wanting to use with pfSense, as you can see in the screen shots.
-
luke240778,
provided that you can figure out which vNIC presented to pfSense is connected to which vSwitch you should be OK. With two interfaces you have a 50/50 chance of getting it right ;) but you can disconnect both cables, reconnect one and see which shows as "up".
Another (slightly more complicated) way involves SSH'ing into your ESXi host and running the script I mentioned here http://forum.pfsense.org/index.php/topic,34043.0.html This will tell you the MAC addresses ESXi has assigned to each of the vNICs presented to your VM.
nutt318,
You probably could have found the answer to this if you had looked through this forum - it's come up a few times. The interface mismatch just means you haven't assigned the virtual interfaces in pfSense yet. It's a quite normal but not a very "informative" message.
-
biggsy,
Yea, I found that I had to manually enter the interface name for each instead of doing the auto assign. So now that I've got my interface configured I've got a strange issue. For some reason both the wan and lan iterface have to be plugged into the same switch for me to access the admin page. Also for some reason at random times my ESXi server crashes while switching cables, not sure why but maybe you might have an idea. Here is the screen shot of my ESXi server after switching some network cables. Maybe 1 of my NIC's isnt fully supported?
-
nutt318,
Yep, I've never managed to get auto assign to work under ESXi.
For some reason both the wan and lan iterface have to be plugged into the same switch for me to access the admin page.
That's definitely not good. Does this happen when you're swapping cables to get to the admin interface or to figure out which interface is which?
What choices did you make when creating the VM - O/S, NIC type, etc?
-
Hi biggsy,
Yea, I get that error trying to figure out which NIC is wan/lan. What is weird its random, one time I booted up the ESXi server without any cables connected to the NIC's and started pluging them in and the pink error. Another time everything was connected and I was unplugging cables and noticed the pink error.
Anyways when I setup pfSense I choosed other linux OS 64bit
As for the NIC type it says E1000.
Any ideas?
-
one thing I have noticed with ESX and pfSense is that they are assigned in order.
vnic0 - em0
vnic1 - em1and so on. I personally have not run into a case where that is any different. I an not saying that one does not exist.
-
…I choosed other linux OS 64bit
That could well be your problem then. pfSense is FreeBSD.
Choose Other > FreeBSD (64-bit) - assuming you are using the 64-bit and not the 32-bit pfSense.
Podilarius,
I don't disagree but the problem is really how to identify which vSwitch is presenting em0 to pfSense. For example,
my cable modem is connected to physical adapter vmnic1 and it's connected to vSwitch1 but that appears to pfSense as em0. My LAN is vmnic3 and its connected to vSwitch2 which appears as em1. -
Podilarius,
Now I see what you're saying. Under Edit Settings for the VM, Network adapter 1 = em0 and so on.
Thanks for making me think about that. It never occurred to me that it might be that simple.
-
Yes, sorry about that. I should have not used existing VMWare speak to convey that I was just talking about order in the settings.
-
strangely enough i just installed pfsense and have setup the interfaces and everything just works… pfsense works, i can still get to my ESXi through vSphere.. do i actually need to do anything with the NIC settings? it seems that it all just works...
-
Congratulations.
If it isn't broken… ;)
-
:) agreed.. i just want to be sure that i havent got it setup wrong and have future problems