Netgate Discussion Forum

    Forgive me in advance, I need advice/direction complete noob

    • illuminate1

      Hi everyone. I am not even sure if I have a specific question yet so much as I need general direction.
      Let me describe my environment. I am working in a small lab, multiple vlans, anytime something needs to reach "outside" I basically have to assign the second nic with a public IP. I decided that we have much too many physical servers and spun up an ESXi host. It has 4 physical NICs. I have it configured so that vmnic0 is the trunk and can support any of the vlan tags I have. I have a second physical NIC assigned to an iSCSI device for storage. That leaves me two physical NICs. I have NO firewall experience. At my last company all that was figured out for me, I would build servers as needed with DHCP and not have to worry about it. Obviously this isn't the case any longer! How do I set up pfSense to use one of the physical NICs to connect my ESXi VMs with a range of public IPs? I am so overwhelmed with terms like bridges, DMZ, etc. that I am just further confusing myself by reading about it. I would be happy to share screenshots as necessary. Just to test, I did hook up a VM to a public IP by using another physical NIC but obviously that isn't secure or scalable.

      Please help! I would love to have this up and running to support more VMs that need internet access. Thanks so much for reading!

      • johnpoz LAYER 8 Global Moderator

        "I basically have to assign the second nic with a public IP."

        You're kidding, right?? And there is no firewall between this second nic and the internet other than some host firewall you're running on each machine?

        Why would you not just route internet access from your vlans? Do you put these public IPs on the devices because they need INBOUND traffic from the internet, or to access the internet? Are these servers you're running providing services to the public net?

        What do you have currently connected for internet? How many public IPs do you own?  How is the internet connected into your network - you just have some router that connects your public ip netblock?

        A simple diagram showing your current setup of these test machines and how they interconnect and then what gets you to the internet.  And we can design a better setup.

        And sure, pfSense running on a VM would more than likely work just fine. But a current layout of your network and devices that connect them and the internet would be helpful. What router do you have that connects you to the internet? I am amazed there is no firewall between your devices and the public net??

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11
