Want to implement a virtual router as a gateway between VMs and the outside worl

virtualchi · Jun 11, 2015, 3:53 AM

I appreciate the help. Just a little confused with steps 4 and 5.

1.I setup two Nics. A WAN and LAN.
2.I created two vswitches in my ESXi.
3. Connect all my VMs to my WAN
4. Connect the physical port to the outside switch ? ethernet cables are connected to my two vswitched.
I have an unmanaged 5port switch connected to AT&T home router and server two nics connected to 5 port unmanaged switch.

5. if you want the servers to work together, connect a different ethernet port to the inside switch and plug it in to the 'inside' ethernet port on the other server which should have the same setup with the 'inside' switch? Do i create a seperate switch with vms and nic?

biggsy · Jun 11, 2015, 7:38 AM

See if this helps at all:

https://doc.pfsense.org/index.php/PfSense_2_on_VMware_ESXi_5

KOM · Jun 11, 2015, 12:56 PM

2 vSwitches, one for WAN, one for LAN. Connect WAN switch NIC to your cable modem. Connect LAN switch NIC to your external LAN switch. Connect LAN clients to LAN switch. Done.

virtualchi · Jun 13, 2015, 4:31 PM

Biggsy - I went thru the guide and I think I have completed the setup.

KOM - I tried your steps.

Connect the WAN switch physical NIC to AT&T router.

Connect the LAN switch NIC to external unmanaged switch. My PC is connected to this unmanaged switch and lost internet connectivity. I have vSphere client on my PC.

I apologize if I don't know what I am doing. I am new to PFsense and have a basic networking background.

Can you please let me know if my PFsense setup is complete?
I logged in pgsense 192.168.1.1 and left all the defaults.
I want to setup a VM with Windows Server 2012R2 VM DHCP, DNS.

My physical connections are like this:
AT&T router cable is connected to 1 port on the unmanaged switch
MY PC Ethernet cables is connected to unmanaged switch
My Server two physical nics are connected to unmanaged switch.

Thank you very much

KOM · Jun 15, 2015, 1:16 PM

Your WAN and LAN can't be on the same network. You have them both at 192.168.1.x. Change your LAN to something else like 10.0.0.1 or 192.168.2.1 etc.

biggsy · Jun 15, 2015, 7:35 AM

@virtualchi:

My physical connections are like this:
AT&T router cable is connected to 1 port on the unmanaged switch
MY PC Ethernet cables is connected to unmanaged switch
My Server two physical nics are connected to unmanaged switch.

Is there only one unmanaged switch? If so, your physical network is all wrong.

Can you provide a diagram?

virtualchi · Jun 15, 2015, 8:36 PM

Please see attached screen-shot diagram.

I think my setup should be diagram B.
PFSense will handout IP addresses to DHCP clients.

I did try diagram B and DHCP didn't handout IP address to my PC. I left all the defaults in PFsense. Is there anything else to do?

thanks for the help. I know this is probably very basic stuff.

KOM · Jun 15, 2015, 8:58 PM

Your current setup will never work. Configure it like Setup B and you should be fine. Make sure WAN and LAN are on different networks. Make sure your WAN IP address is on the ATT router's network.

virtualchi · Jun 17, 2015, 3:01 AM

unfortunately I am still having issues.

I cannot get PFsense DHCP to release IP address to my clients.

What I've done.
My WAN interface is pointing to my AT&T router. I configured the correct EM interface is okay in PFsense. Same for LAN interface.
LAN interface is pointing to unmanaged switch.
PFsense configured as defaults.
ipconfig/release ipconfig/renew on my desktop and no luck.

I was not able to disable NAT and activate bridge mode on my AT&T router. Probably need to call AT&T. Could this be my issue?

johnpoz · Jun 17, 2015, 4:18 AM

Doesn't matter if your wan was unplugged in pfsense - that has NOTHING to do with clients on lan side getting IP addresses.. If you can get an IP then either dhcp server not running on pfsense, or you have a connectivity issue.

So What IP did you put on pfsense lan? Put a static on your client in that network - can it ping pfsense.. If not then how would it get an IP from a dhcp server?

Why do you have a 2nd vmkern port group with APIPA address on it? On a vswitch that doesn't even have a physical nic attached?

What is that 2k12 vm going to talk to? There is no leg of pfsense in the vswitch either..

You sure you have the correct nics connected, and the correct vnics in pfsense connected to the right vswitches? Look at the macs of your pfsense vnics and make sure you have your lan in your lan vswitch and your wan in your wan vswitch, etc.

If your on the wan side of pfsense then your never going to get a dhcp address from pfsense, etc.