ESXi 5.5 setup
I am renting a dedicated server from OVH, a fairly good one too for my purposes. With the server I get remote access (KVM etc), 1 IP address, 1 NIC (well 2 but 1 is disabled and does nothing).
I looked around and found pfSense. Now, before I start, I'm going to outline what I want to achieve, and if pfSense or even ESXi isn't what I need please let me know.
I will have 2 VMs, 1 Windows and the other Linux, though I may split my Linux depending on roles. The Windows I just need to be able to RDP to it and maybe run IIS on it. The Linux I will have an email server, web server etc so need to be able to set this up.
I have followed numerous guides on trying to set this up but all assume I have physical access or 2 NICs.
I'd like to maybe have pfSense on the front even ahead of ESXi so that when I RDP onto the Windows I can use vsphere to make changes locally but only once I have done everything else, something along the lines of:
Web -> WAN -> pfSense -> Lan -> VMs + vsphere connection
Let's forget everything I've done so far and tried and assume I know nothing. Can someone please give me a step by step guide on how to set up pfSense on my server, as no matter what I can never get the WAN to get an IP.
I'm willing to reinstall ESXi and start from scratch again.
To clarify, I need to be able to have multiple domains pointing to 1 IP and being able to route them to either just 1 Linux VM or multiple, have different websites running and an email server on the Linux VM, be able to RDP onto a Windows VM. Basically turn pfSense into a router and forward what I want to where etc.
Also with pfSense running is it still possible to have on the Linux box domain 1 takes you to A and domain 2 takes you to B with Apache or will it not be able to like a normal non VM server?
If any more information is required then please let me know.
Thanks in advance.
Couldn't post before because attachments were not working.
Attachment is how I would go about it. You would need to allow pfsense admin on the wan side first, etc. Not sure how you would set this up from the get go but you said you had console access. So you can console to the esxi after you install it?
Where the pfsense vnic attached to vswitch0 would be its wan, vswitch1 would be its lan and another 1 could be attached to the vmkern portgroup/vswitch. And the vms would be inside the esxi host box for sure - not sure why I drew it like that ;)
The thing is I install pfSense on a VM and I still have full access to ESXi, as in like no changes are made by pfSense and everything works as was before. Even if I install pfSense and changes are made I still have KVM console access so I won't lose access.
Can I get a step by step from the beginning from anyone?
And you have 1 public IP address, what IP address are you getting on pfsense wan and what IP are you accessing esxi with? What do you think pfsense should block exactly? Pfsense can only block to stuff BEHIND it..
I already showed you how the network could look – if you need a hold my hand watch the ball bounce guide to setting this up.. You shouldn't be setting it up ;)
I have 1 IP, pfSense never gets any IP on the WAN. The only way I can access pfSense is localhost via another VM. I don't need a hold my hand but no matter what I do the WAN doesn't do anything on pfSense so was looking for a step by step to see if I'm doing anything wrong?
That's because you probably already use that IP for your esxi management network. You can't use one IP twice.
Ok, then how do I go about swapping it over so ESXi stops using it and pfSense uses it, seeing as I do have console access even without the need for the public IP.
You answered your own question.
So clearly if you have 1 IP and expected both pfsense and esxi vmkern to share that you were doing something wrong ;)
Your vmkern is going to have to be behind pfsense, so as I showed in my drawing it has an rfc1918 address BEHIND pfsense. You then set up pfsense to forward to your vmkern IP when you hit port X on pfsense wan IP.
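
The layout the thread arrives at (public IP on the pfSense WAN only, ESXi vmkernel and the VMs on RFC 1918 addresses behind it, port forwards from the WAN) can be checked as an address plan. This is an added example, not part of the original thread; all addresses, interface names and the forwarded ports are constructed assumptions.

```python
import ipaddress

# RFC 1918 ranges listed explicitly: ipaddress.is_private would also match the
# documentation range 203.0.113.0/24 that stands in for the public IP below.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_rfc1918(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)

def check_plan(public_ip, lan_cidr, interfaces, forwards):
    """interfaces: {name: ip}; forwards: [(wan_port, target_ip, target_port)].
    Returns a list of problems; an empty list means the plan is consistent."""
    problems = []
    lan = ipaddress.ip_network(lan_cidr)
    # The single public IP can sit on one interface only (the pfSense WAN).
    holders = sorted(n for n, ip in interfaces.items() if ip == public_ip)
    if len(holders) != 1:
        problems.append("public IP held by: " + (", ".join(holders) or "nobody"))
    # Everything else, ESXi management included, lives on the LAN behind pfSense.
    for name, ip in sorted(interfaces.items()):
        if ip != public_ip and not (is_rfc1918(ip) and ipaddress.ip_address(ip) in lan):
            problems.append(f"{name} ({ip}) is not an RFC 1918 address in {lan}")
    # Each WAN port forwards to exactly one host that exists behind pfSense.
    inside = {ip for ip in interfaces.values() if ip != public_ip}
    used = set()
    for wan_port, target, target_port in forwards:
        if wan_port in used:
            problems.append(f"WAN port {wan_port} forwarded twice")
        used.add(wan_port)
        if target not in inside:
            problems.append(f"{wan_port} -> {target}:{target_port} has no host behind pfSense")
    return problems

# Constructed sample values (not from the thread).
PUBLIC_IP, LAN = "203.0.113.10", "192.168.1.0/24"
BROKEN = {"esxi-vmk0": PUBLIC_IP, "pfsense-wan": PUBLIC_IP, "pfsense-lan": "192.168.1.1"}
FIXED = {"pfsense-wan": PUBLIC_IP, "pfsense-lan": "192.168.1.1",
         "esxi-vmk0": "192.168.1.2", "windows": "192.168.1.10", "linux": "192.168.1.20"}
FORWARDS = [(3389, "192.168.1.10", 3389), (80, "192.168.1.20", 80),
            (25, "192.168.1.20", 25), (8443, "192.168.1.2", 443)]  # 8443 = "port X"

if __name__ == "__main__":
    print(check_plan(PUBLIC_IP, LAN, BROKEN, []))
    print(check_plan(PUBLIC_IP, LAN, FIXED, FORWARDS))
```

`BROKEN` reproduces the situation in the thread, where the ESXi management interface and the pfSense WAN both claim the one public IP.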