Route between VMs



  • I have a general setup and usage question for vSphere 6.0 for a test system we are working on in a lab.

    Not being familiar with pfsense, I thought this would be the place to start.

    In vCenter, in the networking, we have two vSwitches that are not connected to physical NICs.
    In vSwitch1, we have VMs set up with addresses in 10.60.117.1/24 and in vSwitch2, addresses in 10.60.115.1/24.

    We need to allow access between the VMs.

    What are the steps required in loading pfSense and setting up routing to allow the interaction between the VMs?

    Thanks



  • Can we assume that you also have a vSwitch0 that connects to your real LAN?  If so then you create a pfSense instance with 3 NICs: 1 x WAN, 1 x LAN, 1 x OPT1.  In vSphere, connect your pfSense WAN NIC to vSwitch0. Connect pfSense LAN NIC to vSwitch1.  Connect pfSense OPT1 NIC to vSwitch2.  There will already be a firewall rule on LAN that allows traffic to flow to OPT1 or WAN, but you will need to add a rule to OPT1 that allows traffic to flow from OPT1 to LAN or WAN.  Just copy the Allow All rule on LAN and add to OPT1.



  • Yes, we have vSwitch0 connected to our internal DMZ.

    Prior to my posting,
    I built the pfsense instance from ISO and I set the LAN to 192.168.200.1.
    That is what is shown on the pfsense console above the 16 options.

    Logging into the pfSense GUI at 192.168.200.1, the screen shows "On this screen you will set the general pfSense parameters"

    Do I need to reload the instance and change the WAN and LAN IPs?

    Thanks



  • Do I need to reload the instance and change the WAN and LAN IPs?

    You haven't given anywhere near enough info to determine that.  What is your DMZ network?  Do you already have networks determined for your LAN vSwitch and OPT1 vSwitch, e.g. do you already have other VM clients connected to those switches?  If so, what address space are they using?



  • I set recall setting upo  a

    The DMZ is 172.16.10.1/24 connected to vSwitch0

    vSwitch 3 and 4 have the VMs we want to route.

    Thanks



  • pfSense WAN should be in your DMZ network so give it an IP address in the 172.16.10.0/24 subnet.

    If the VMs you want to route are on vSwitches 3 & 4 then your two pfSense LAN NICs should be connected to those switches.



  • @stanj:

    I have a general setup and usage question for vSphere 6.0 for a test system we are working on in a lab.

    Not being familiar with pfsense, I thought this would be the place to start.

    In vCenter, in the networking, we have two vSwitches that are not connected to physical NICs.
    In vSwitch1, we have VMs set up with addresses in 10.60.117.1/24 and in vSwitch2, addresses in 10.60.115.1/24.

    We need to allow access between the VMs.

    What are the steps required in loading pfSense and setting up routing to allow the interaction between the VMs?

    Thanks

    Just create a virtual with three vnics - one attached to each virtual switch and one not connected. Install pfsense on the virtual. Configure pfsense's LAN interface on the vnic that connects to the 10.60.117.0/24 network, and connect the OPT interface to the 10.60.115.0/24 network. Create rules accordingly. Connect the WAN interface to the unconnected vnic.

    If you just want routing between the two networks (no rules and no NAT), you might find a plain linux virtual easier to deal with.

