ESXi Network help


Techie241

So, I have a Dell R620 running ESXi. I have two network cables coming into different NICs, each one on its own network. I am trying to set up ESXi to run a webserver and a Kemp load balancer. Now, in my home network, I have two LANs coming off a pfSense box: one connects to my VPN, and it's where most of my computers and all of my wifi traffic goes, and I have a second LAN that connects directly to the ISP, since the VPN blocks incoming traffic so you cannot run a server on it. I want to connect to the ESXi server over the VPN from inside to manage it, but I want it to use the raw internet connections to pass through to the VMs, since both of those have to be accessible from the outside. Right now, however, it appears ESXi defaulted to both connections being on a single virtual switch, and the connection for the server management is on the open LAN, not the VPN LAN like I had wanted, and I am not sure how to change this. Any help would be appreciated.
 

Rand__

Not entirely sure I got you, but it should be a simple matter of adding a second vSwitch and moving one NIC to that new switch.
Then assign the direct internet connection only to VMs that should have it (and potentially the internal one too, since you want to manage them via these). Make sure you are not routing on these boxes.
 

Techie241

I was actually trying to figure out how to delete the thread because I realized I was being really dumb. You are right, what seems to have done what I needed it to was create a vSwitch, assign the raw internet port to the uplink, then create a port group for that switch that I could assign to the VMs I wanted to have raw internet. I also found out that to change the NIC for the management of the ESXi server, I could just change the uplink for the default vSwitch. As far as assigning the VMs the VPN internet, I may end up adding it to the load balancer, because ideally that would be the only thing in the entire house connected to the raw internet. Since my setup has all traffic coming into the load balancer, which then uses L7 rules to direct traffic, I think it may be theoretically possible to set it up such that traffic can come in on the raw internet and then be redirected to a server on the VPN network, which would vastly limit the attack surface, but I am not sure if that is actually possible, so I plan to look into it. But end of the day, right now I don't want those added to the VMs because I don't mind logging into ESXi and then remoting into the machines that way, so I only really need the ESXi box to be connected to the VPN.
 

Rand__

Those large blocks of text without paragraphs are really hard to read, but I gathered you got it working ;)
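
An added example, not part of the thread or any poster's own code: a shell check for the layout the thread arrives at, confirming that the vSwitch carrying ESXi management no longer has the raw-internet NIC as an uplink. It assumes `vmnic1` is the internet-facing NIC and uses a hypothetical `WAN` port group name; the sample listings are constructed and abridged from the format of `esxcli network vswitch standard list`. An empty result means no vSwitch mixes the two.

```shell
#!/bin/sh
# Added example. vmnic1 as the raw-internet NIC and the "WAN" port group
# name are assumptions; "Management Network" is ESXi's default name.

# Constructed, abridged `esxcli network vswitch standard list` output:
# both NICs on one vSwitch, the starting state in the first post.
SAMPLE_BEFORE='vSwitch0
   Name: vSwitch0
   Uplinks: vmnic0, vmnic1
   Portgroups: VM Network, Management Network'

# Constructed listing after the split described in the thread.
SAMPLE_AFTER='vSwitch0
   Name: vSwitch0
   Uplinks: vmnic0
   Portgroups: Management Network
vSwitch1
   Name: vSwitch1
   Uplinks: vmnic1
   Portgroups: WAN'

# exposed_switches WAN_UPLINK MGMT_PORTGROUP  (listing on stdin)
# Prints every vSwitch that carries the management port group while the
# internet-facing NIC is still one of its uplinks.
exposed_switches() {
    awk -v wan="$1" -v mgmt="$2" '
        function has(list, item,    n, i, parts) {
            n = split(list, parts, /, */)
            for (i = 1; i <= n; i++) if (parts[i] == item) return 1
            return 0
        }
        function emit() { if (name != "" && has(up, wan) && has(pg, mgmt)) print name }
        /^ +Name:/       { emit(); name = $0; sub(/^ +Name: */, "", name); up = ""; pg = "" }
        /^ +Uplinks:/    { up = $0; sub(/^ +Uplinks: */, "", up) }
        /^ +Portgroups:/ { pg = $0; sub(/^ +Portgroups: */, "", pg) }
        END { emit() }
    '
}

# On the host: esxcli network vswitch standard list | exposed_switches vmnic1 "Management Network"
printf '%s\n' "$SAMPLE_BEFORE" | exposed_switches vmnic1 "Management Network"
printf '%s\n' "$SAMPLE_AFTER"  | exposed_switches vmnic1 "Management Network"
```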