Accessing pfSense and multiple VMs running https on port 443



  • Hi,

    First time user here, I tried searching the archives but have not been able to find anything that addresses my concern, apologies in advance if it has already been covered.

    I have an ESXi (VMware) server hosting a pfSense VM and several other VMs, each of which is running a server I would like to access with https. The ESXi server is accessed via a single external IP address, e.g. "SERVER_IP".

    I don't mind having to use a different substitute port in the external addressing, e.g.:

    <server_ip>:443    ==> <pfsense vm>:443
    <server_ip>:20443 ==> <vm1>:443
    <server_ip>:20444 ==> <vm2>:443
    <server_ip>:20445 ==> <vm3>:443

    However, I can only get this to work for pfSense and one (1) VM. When I try a second or third VM, I get a timeout.

    I've also tried it this way:

    <server_ip>:20443 ==> <pfsense vm>:443
    <server_ip>:443    ==> <vm1>:443

    With the same result. Other than pfSense and 1 VM, I cannot access subsequent VMs.

    Any ideas what might be going on or how to troubleshoot it?

    Thanks!



  • https://doc.pfsense.org/index.php/Port_Forward_Troubleshooting

    https://doc.pfsense.org/index.php/Firewall_Rule_Troubleshooting

    Post screenshots of your NAT rules (port forward specifically) and WAN firewall rules.


  • LAYER 8 Global Moderator

    So these other VMs are behind the pfSense VM? The way I see your drawing, pfSense is just another VM?



  • Hi KOM and johnpoz,

    Thanks for responding. I'm attaching a diagram of my setup as well as a screenshot of the NAT and WAN firewall rules.

    I'm accessing the pfSense VM at <ip>:20443 and the IDRAC at <ip>:443

    I would like to access other VMs (e.g. VM X and VM Y in diagram) at <ip>:443, and this is the part I can't get to work.

    I cannot change the https port on VM X and VM Y.

    Any thoughts appreciated.




  • LAYER 8 Global Moderator

    So you're running all your VMs on the vmkern network (mgmt LAN)? The iDRAC is its own physical interface, is it not?

