Running on ESXi/vSphere 5.5 - PPTP problems
-
Just migrated from a hardware solution into vsphere/ESXi 5.5 and pfSense 2.1.
Following the suggestion in the "official" guide at https://doc.pfsense.org/index.php/PfSense_2_on_VMware_ESXi_5 I configured the NICs as E1000. All works well except for outbound PPTP (we don't use inbound PPTP) - no go after an hour of checking rules (that worked on the hardware box running pfSense 2.0).
Came across this interesting article from VMware:
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2061834
indicating that E1000 in ESXi 5.5 no longer support PPTP and the work-around is to move to VMXNET3 NICs. Tried this but they are not recognized in pfSense 2.1 (even with the VM Tools package installed). Tried VMXNET2 NICs that are supported in pfSense but still no go for outbound PPTP.Anyone got outbound PPTP to work with ESXi 5.5?
-
The VMware article seems to say it's a bug, rather than support has been dropped.
Assume you are aware of this: http://forum.pfsense.org/index.php/topic,54255.0.html. Migrating away from PPTP might be something to work on anyway.
I don't think you'll get the VMXnet3 to work with the Open-VM-tools package for pfSense. You may have to go through the process of installing the official VMware-supplied VMware Tools.
Unless there's something in 5.5 that you need, perhaps try ESXi 5.1 update 1?
-
Yeah - hopefully there will be a patch to ESX fixing the PPTP problems.
As for PPTP in general - sometimes you don't have the luxury of choosing - you just have to use what your customers are using…
-
Sorry I just posted about this without looking at this post. You do need to run the VMXNET 3 cards but you need to install VMware Tools (the real ones not the Open ones) first, remove the E1000's, add the VMXNET3's and reboot the VM then pfSense will recognize the cards. And PPTP will work ok. Here's the steps I use…
- Setup the machine as usual with E1000's.
- Setup VMware Tools as follows:
a) SSH into pfsense
b) pkg_add -rv perl
c) pkg_add -rv compat6x-amd64 (or -i386 if you're on 32-bit hardware)
d) pkg_add -rv nano (since I hate vi)
e) edit the /etc/rc file and change the line that says "/sbin/ldconfig -elf /usr/lib /usr/local/lib /lib" to "/sbin/ldconfig -elf /usr/lib /usr/local/lib /lib /usr/local/lib/compat"
f) /sbin/ldconfig -elf /usr/lib /usr/local/lib /lib /usr/local/lib/compat (need to run this so we have it configured now, the /etc/rc file will set it from now on)
g) Start VMware Tools install from Guest, Install/Upgrade VMware Tools
h) mkdir -p /mnt/cdrom
i) mount_cd9660 /dev/acd0 /mnt/cdrom
j) cd /tmp
k) tar xvzf /mnt/cdrom/vmware-freebsd-tools.tar.gz
l) cd vmware-tools-distrib
m) ./vmware-install.pl -d --clobber-kernel-modules=vmxnet3,pvscsi,vmmemctl
That's it for VMware Tools, you'll need to repeat from step g if you update the tools later on. - Shutdown the pfSense VM.
- Edit the machine settings, remove the two E1000 interfaces and add two new VMXNET3 interfaces connected to the appropriate virtual switches.
- Turn pfSense VM back on.
- You should see something like this:
That should be it. Just setup the interfaces like usual (the names will be something like vmx3f0 and vmx3f1, etc.) and PPTP worked for me.
-
thanks for the info.
fixed the VMXNET 3 and PPTP is working
BUT TRAFIC SAHPER ALTQ is not recognizing my network adapters….
how can i fix it ?
i'm using pfsense 2.1 with esxi 5.5
thanks in advance
