VMware ESXi 5, pfSense 2 and Virtual IPs



  • Hi

    I am testing a few firewall distros in VMware ESXi 5, before going into production in a couple of months.
    Initially, I will be running all my hosts within a single server.

    I want to have one inside network and one WAN network.

    This is how my setup looks now:
    vSwitch (not plugged to a NIC): Internal (192.168.1.0/24)
    vSwitch (plugged into physical NIC0): WAN (22.22.22.0/24)

    I installed pfSense, and connected and configured the two interfaces:
    Internal: 192.168.1.1
    WAN: 22.22.22.2 (Gateway: 22.22.22.1)

    I have configured two other hosts, running (one with Win7, other with WinXP, other with CentOS) on the Internal network, with IPs (DHCP configured in pfSense):
    inside_host_1_Win7: 192.168.1.106
    inside_host_2_WinXP: 192.168.1.166
    inside_host_3_CentOS: 192.168.1.103

    All the 3 hosts can ping each other.
    All the 3 hosts can ping the pfSense box (192.168.1.1)
    I configured NAT and all the 3 hosts have Internet access.

    I configured a Virtual IP, 22.22.22.10
    Then I configured NAT to the inside IP 192.168.1.166

    However, I can't make the virtual IPs work.

    Any ideas what could be happening??



  • Never mind, I figured it out.

    This is what I did:
    1. log in to the firewall webgui
    2. go to Firewall -> Virtual IP
    3. Update virtual IPs
    Type: Proxy ARP
    Interface: WAN
    IP addresses: single IP
    Address: 22.22.22.10

    Edit your virtual IPs with the new IPs provided
    4. go to Firewall -> NAT
    5. Select the Port Forward tab
    6. Create new rule:
    Interface: WAN
    Protocol: TCP
    Source: NA
    Destination: Type: (select your previously created VIP)
    Destination port range: from: MSRDP to: MSRDP
    Redirect target IP: 192.168.1.166
    Redirect target port: MSRDP
    NAT Reflection: Use system default
    Filter rule association: Rule NAT

    Hope this helps someone!

    Cheers!


Locked
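
A check for the rule created in step 6, as an added example that is not part of the original posts: with Source left at "NA" (taken here to mean any source), the forward publishes RDP on the Windows XP host to every address that can reach 22.22.22.10. The script lists such forwards from a configuration backup; the XML element names are an assumption about the layout of a pfSense config.xml export, and the sample document, including its second rule, is constructed.

```python
import xml.etree.ElementTree as ET

# Constructed sample mirroring the VIP and port forward from the thread.
# Element names are an assumption about the pfSense config.xml layout.
SAMPLE = """<pfsense>
  <virtualip>
    <vip><mode>proxyarp</mode><interface>wan</interface>
         <subnet>22.22.22.10</subnet><subnet_bits>32</subnet_bits></vip>
  </virtualip>
  <nat>
    <rule>
      <interface>wan</interface><protocol>tcp</protocol>
      <source><any/></source>
      <destination><address>22.22.22.10</address><port>3389</port></destination>
      <target>192.168.1.166</target><local-port>3389</local-port>
    </rule>
    <rule>
      <interface>wan</interface><protocol>tcp</protocol>
      <source><address>22.22.22.50</address></source>
      <destination><address>22.22.22.10</address><port>22</port></destination>
      <target>192.168.1.103</target><local-port>22</local-port>
    </rule>
  </nat>
</pfsense>"""

# Remote-administration services that should not face an unrestricted source.
REMOTE_ADMIN_PORTS = {"3389": "RDP", "22": "SSH", "5900": "VNC"}

def audit_port_forwards(xml_text):
    """Return WAN port forwards that expose a remote-admin port to any source."""
    root = ET.fromstring(xml_text)
    vips = {v.findtext("subnet") for v in root.iterfind("virtualip/vip")}
    findings = []
    for rule in root.iterfind("nat/rule"):
        if rule.findtext("interface") != "wan":
            continue
        port = rule.findtext("destination/port", default="")
        any_source = rule.find("source/any") is not None
        if any_source and port in REMOTE_ADMIN_PORTS:
            dst = rule.findtext("destination/address", default="(WAN address)")
            findings.append({
                "service": REMOTE_ADMIN_PORTS[port],
                "public": f"{dst}:{port}",
                "via_vip": dst in vips,  # destination is a configured Virtual IP
                "internal": f"{rule.findtext('target')}:{rule.findtext('local-port')}",
            })
    return findings

if __name__ == "__main__":
    for finding in audit_port_forwards(SAMPLE):
        print(finding)
```

Only single-port destinations are matched; a port range in the rule would need to be expanded before the lookup.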