Virtual machine network switch
Thanks to a router quirk, port forwarding isn't working as expected. To connect externally, placing the device in DMZ is necessary, which isn't ideal. Upgrading hardware would be costly, especially since the current unit meets ISP standards. Would setting up a virtual router in VMware ESXi and port-forwarding from it be a viable alternative? I'm not comfortable with complex network configurations and prefer having others handle heavy tasks. Are there other solutions you recommend? *Note:* This is for pfSense, though I'm open to other options.
At work we manage routers and firewalls—especially pfSense—on ESXi continuously. Configuring them can be challenging since we must distinguish between the VM’s WAN and LAN connections, which may require separate physical ports or VLAN setup.
I was thinking of using this as a reference, but I wasn’t sure if I could configure the machine to be in the DMZ. Then I’d have to set up port forwarding on the virtual network switch that ESXi manages—like DNS, web hosting, email servers, and so on. I don’t want everything packed into one VM, as it’s not a good approach.
I haven't checked that manual, but it looks like you'll require two distinct virtual switches—one for WAN/DMZ and another for the LAN port. The items pfSense will forward must be linked to the LAN switch in some way. That "somehow" could mean using separate physical Ethernet ports (possibly with an external switch) or assigning them to VLANs. If all your forwarded tasks are running as virtual machines, you should connect them directly to the LAN virtual switch.
They run on one ESXi host with software installed locally, using the four Ethernet ports from the HP ProLiant DL380 G7. Since I don’t have any switches at home, I’m considering a virtual setup instead, which would be more cost-effective.
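The two-vSwitch layout suggested in the reply above, sketched for a single ESXi host with no external switch. This is an added example, not part of the thread: the switch and port group names and the default uplink `vmnic1` are assumptions, and the script only prints the `esxcli` commands unless `APPLY=1` is set in the ESXi shell.

```shell
#!/bin/sh
# Added example: plan the WAN and LAN standard vSwitches for a firewall VM.
# Assumed names (not from the thread): vSwitch-WAN, vSwitch-LAN, PG-WAN, PG-LAN.
# Assumed uplink: vmnic1 is a free NIC cabled to the ISP router and is not
# the NIC that carries ESXi management traffic.

# Print each command by default; execute it only when APPLY=1.
run() {
    if [ "${APPLY:-0}" = "1" ]; then "$@"; else echo "$*"; fi
}

# Reject promiscuous mode, MAC address changes and forged transmits.
harden_vswitch() {
    run esxcli network vswitch standard policy security set \
        --vswitch-name="$1" --allow-promiscuous=false \
        --allow-mac-change=false --allow-forged-transmits=false
}

# build_firewall_switches WAN_UPLINK
build_firewall_switches() {
    wan_uplink="$1"
    case "$wan_uplink" in
        vmnic[0-9]*) ;;
        *) echo "usage: build_firewall_switches vmnicN" >&2; return 1 ;;
    esac

    # WAN/DMZ side: the only vSwitch with a physical uplink.
    run esxcli network vswitch standard add --vswitch-name=vSwitch-WAN
    run esxcli network vswitch standard uplink add \
        --uplink-name="$wan_uplink" --vswitch-name=vSwitch-WAN
    run esxcli network vswitch standard portgroup add \
        --portgroup-name=PG-WAN --vswitch-name=vSwitch-WAN
    harden_vswitch vSwitch-WAN

    # LAN side: no uplink, so server VMs on PG-LAN can only reach the
    # outside through the firewall VM's second virtual NIC.
    run esxcli network vswitch standard add --vswitch-name=vSwitch-LAN
    run esxcli network vswitch standard portgroup add \
        --portgroup-name=PG-LAN --vswitch-name=vSwitch-LAN
    harden_vswitch vSwitch-LAN
}

build_firewall_switches "${1:-vmnic1}"
```

The firewall VM gets one virtual NIC on `PG-WAN` and one on `PG-LAN`; the DNS, web and mail VMs attach to `PG-LAN` only.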