Jump to content



Photo

Running my router as a VM inside ESXi

pfsense network setup

  • Please log in to reply
9 replies to this topic

#1 Fahim S.

Fahim S.

    Neowinian Senior

  • Tech Issues Solved: 2
  • Joined: 15-April 02
  • OS: Windows 8 - OG
  • Phone: Google Nexus 4 16GB by LG

Posted 14 April 2013 - 19:59

Hi -

Got a question that I hope someone can help me with.

I want to run my server with ESXi, running a bunch of VMs (pfSense, FreeNAS, a linux server or two) but am a little confused as to how the network will work, or even if it can.

I want to have a NIC dedicated to a pfSense VM connected my FTTC modem over PPOE.
The other NIC will be connected into my LAN (essentially a switch), which is where everything else will connect - including my TV, Sonos boxes, Laptops, Desktop, Phones, Tablets, Access Point for WiFi etc

I want pfSense to not just be my router but also provide services such as DHCP.

If pfSense boots after the ESXi server does, how do I get the ESXi server onto the same network?
How do I configure it all in the first place if there is nothing providing DHCP before the pfSense installation is done?

Hope this makes sense...


#2 TPreston

TPreston

    Neowinian Senior

  • Tech Issues Solved: 1
  • Joined: 18-July 12
  • Location: Ireland
  • OS: Windows Embedded Standard 8 & Server 2012/08 Datacenter
  • Phone: Nokia Lumia 920

Posted 14 April 2013 - 20:10

Its the same as deploying a tmg server, You need two NIC's the external network nic you only add to the router vm none of the other computers should have it.

As for the internal lan you need static addressing (for the virtualization server, routers internal nic etc) As long as they are on the same subnet they can communicate when the vm boots up

Additional services must listen on the internal NIC and if you have a DNS server you should make sure the external servers ip address isn't registered in dns because you don't want clients on the internal lan to try to connect via the external nic ip address.

#3 OP Fahim S.

Fahim S.

    Neowinian Senior

  • Tech Issues Solved: 2
  • Joined: 15-April 02
  • OS: Windows 8 - OG
  • Phone: Google Nexus 4 16GB by LG

Posted 14 April 2013 - 20:22

Its the same as deploying a tmg server, You need two NIC's the external network nic you only add to the router vm none of the other computers should have it.

As for the internal lan you need static addressing (for the virtualization server, routers internal nic etc) As long as they are on the same subnet they can communicate when the vm boots up

Additional services must listen on the internal NIC and if you have a DNS server you should make sure the external servers ip address isn't registered in dns because you don't want clients on the internal lan to try to connect via the external nic ip address.


Sorry - a TMG server?

#4 TPreston

TPreston

    Neowinian Senior

  • Tech Issues Solved: 1
  • Joined: 18-July 12
  • Location: Ireland
  • OS: Windows Embedded Standard 8 & Server 2012/08 Datacenter
  • Phone: Nokia Lumia 920

Posted 14 April 2013 - 20:29

Another secure gateway/router the setup for both is similar, two nics internal/external etc

#5 OP Fahim S.

Fahim S.

    Neowinian Senior

  • Tech Issues Solved: 2
  • Joined: 15-April 02
  • OS: Windows 8 - OG
  • Phone: Google Nexus 4 16GB by LG

Posted 14 April 2013 - 21:04

Thanks.

But how do I give the 'empty' ESXi server a static IP address in the first place?

Is that something that needs to be done during the installation of ESXi?

#6 The_Decryptor

The_Decryptor

    STEAL THE DECLARATION OF INDEPENDENCE

  • Tech Issues Solved: 4
  • Joined: 28-September 02
  • Location: Sol System
  • OS: iSymbian 9.2 SP24.8 Mars Bar

Posted 14 April 2013 - 21:36

You'll configure the static IP as part of the installation of pfSense.

#7 +ChuckFinley

ChuckFinley

    member_id=28229

  • Joined: 14-May 03

Posted 15 April 2013 - 20:51

I see what your getting at, Especially if the DHCP server is a VM and it comes up AFTER the ESXi Host. It should never be designed like that anyway just give it a static if you can then it doesn't need to change. Also you can set your VM's to power on automatically so that would work. ESXi Hosts are designed to very rarely go down ;-)

#8 vetneufuse

neufuse

    Neowinian Senior

  • Joined: 16-February 04

Posted 15 April 2013 - 21:13

Sorry - a TMG server?


TMG is a threat management gateway, MS makes Forefront TMG, which use to be ISA Server

#9 farmeunit

farmeunit

    The other white meat.

  • Tech Issues Solved: 2
  • Joined: 05-May 03
  • Location: Branson, MO USA

Posted 15 April 2013 - 21:30

As ChuckFinley stated, just give the ESXi box a static address. Once it's running, at the console, there is an option to assign the IP address. Then restart the networking. I believe it prompts to do that anyway.

Then your router distro will handle all the DHCP addressing for everyone else.

#10 +BudMan

BudMan

    Neowinian Senior

  • Tech Issues Solved: 86
  • Joined: 04-July 02
  • Location: Schaumburg, IL
  • OS: Win7, Vista, 2k3, 2k8, XP, Linux, FreeBSD, OSX, etc. etc.

Posted 18 April 2013 - 13:07

I run my pfsense as VM on my esxi host.

Your esxi host vmk IP would be STATIC, why would you ever use on your esxi host in the first place?

setstaticesxi.jpg



Click here to login or here to register to remove this ad, it's free!