1WAN + 3 LAN ports; 2VLANs from ISP; running on VMWare ESXi



  • Hi, first of all I am not exactly sure where to post this, since it overlaps more than one topic. I will be happy for any help / links. Thank you ahead of time! :)

    I am using virtualized pfSense running on a 4-core Xeon, 12 GB RAM, 4 NICs (2 onboard + 2 on an Intel NIC card).

    What I want to do is illustrated in the image at the bottom.

    • Connect my uplink from ISP - two VLANs, one for internet (VLAN 3) and the other for IPTV (VLAN 7).

    • Route internet to my desktop PC.

    • Route internet to dumb router (TP-Link - wifi, 4 ethernet ports).

    • Finally, to use the last ethernet port to send IPTV signal to the TV (VLAN 7).

    What I've been able to do is set up the internet so that it works correctly on 1 LAN interface (DHCP set up on this interface).

    I added the two other interfaces in pfSense (enabled them + set up IP address), but devices connected to these ports do not get an IP address from DHCP (understandably, since it is not set up for the interface - I can set up a separate DHCP server for each interface, but then they can't see each other) and cannot connect to the internet.

    My question is: what do I need to set up to allow the two ports (eth0 and eth1 on the diagram below) to route the internet connection to my devices, and what do I need to set up to use eth2 to route the IPTV to my TV? Use some kind of bridge (how to set it up)?

    VLAN setup

    Network diagram

    ESXi network settings

    Ignore the disconnected cards in the screenshot. For working purposes I am using a different setup when I am not playing with it, so I can actually do some work instead of tinkering :)



  • Hi
    Two things come to mind when I see your setup.

    1. Did you configure the VLANs on the client side properly? The packets need to be tagged with the correct VLAN ID (automatically or by the client) and accepted on that port on the switch.
    2. Do you see the blocked traffic in the firewall log? Then you are missing a firewall or NAT rule to allow traffic to the Internet or other subnets.

    Everything else seems correct.
    I cannot tell you the VLAN setup on the ESX side, as I currently have no ESX at hand to check or test some settings.
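
The tagging check raised in the reply above, as an added example that is not part of the thread: a small 802.1Q parser that reports whether a captured Ethernet frame is untagged or carries VLAN 3 (internet) or VLAN 7 (IPTV), the IDs given in the first post. The sample frames, MAC addresses and function names are constructed for illustration.

```python
import struct

TPID_8021Q = 0x8100
# VLAN IDs taken from the first post: 3 = internet, 7 = IPTV
EXPECTED_VLANS = {3: "internet", 7: "IPTV"}


def parse_vlan(frame: bytes):
    """Return (vlan_id, pcp, ethertype); vlan_id and pcp are None if untagged."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    if ethertype != TPID_8021Q:
        return None, None, ethertype
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    # TCI = 3-bit priority, 1-bit DEI, 12-bit VLAN ID; then the real EtherType
    tci, inner = struct.unpack_from("!HH", frame, 14)
    return tci & 0x0FFF, tci >> 13, inner


def classify(frame: bytes) -> str:
    """Name the service a frame belongs to, or say why it matches neither."""
    vlan_id, _pcp, _ethertype = parse_vlan(frame)
    if vlan_id is None:
        return "untagged"
    return EXPECTED_VLANS.get(vlan_id, f"unexpected VLAN {vlan_id}")


def build_frame(vlan_id=None, pcp=0, ethertype=0x0800) -> bytes:
    """Constructed sample frame: made-up MACs, zero-filled payload."""
    hdr = bytes.fromhex("ffffffffffff") + bytes.fromhex("020000000001")
    if vlan_id is not None:
        hdr += struct.pack("!HH", TPID_8021Q, (pcp << 13) | vlan_id)
    return hdr + struct.pack("!H", ethertype) + bytes(46)


if __name__ == "__main__":
    samples = (build_frame(3), build_frame(7, pcp=4), build_frame(), build_frame(10))
    for f in samples:
        print(parse_vlan(f), "->", classify(f))
```

An "untagged" result for traffic arriving on the ISP uplink means the tag was stripped or never added before the frame reached the point of capture, so the pfSense VLAN interfaces for 3 and 7 would never see it.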