Author Topic: wanos + ESXi with pfSense Firewall VM  (Read 6374 times)

Spiffster

  • VIP
  • Full Member
  • *****
  • Posts: 39
    • View Profile
wanos + ESXi with pfSense Firewall VM
« on: October 15, 2014, 03:48:48 AM »
I have an ESXi server running at home where I have a pfSense firewall VM and Im having issues getting my head around how I need to set things up so I can test between home and office over OpenVPN.
On my home ESXi server I currently have two vSwitches, each with a dedicated NIC labeled LAN and WAN.
pfSense is connected to the WAN vSwitch as well as the LAN vSwitch along with everything else. How do I place wanos between the two within ESXi being that the firewall is not a separate device?



Thanks in advance for any assistance provided. wanos looks like a great product!
« Last Edit: October 15, 2014, 04:03:48 AM by Spiffster »

ahenning

  • Team Wanos
  • Administrator
  • Full Member
  • *****
  • Posts: 629
    • View Profile
Re: wanos + ESXi with pfSense Firewall VM
« Reply #1 on: October 15, 2014, 09:45:11 AM »
Hi Spiffster,

Quite a few people are using this exact same setup with a virtual pfSense.

If the pfSense Lan and Wan design was the standard before introducing wanos then all that needs to happen is to move the pfSense Lan and wanos Wan to another separate vSwitch or Vlan portgroup. Essentially this connects the wanos wan cable into the pfSense lan port. Because wanos will bridge the traffic from the Lan servers to the Wan side, this means the Lan servers are basically connected to the pfSense lan port. Then it follows the original design.

Remember to enable promiscuous mode on the wanos interfaces so that the bridging works. In this configuration where promiscuous mode is enabled on a vswitch or port-group that is shared with other servers there is an additional recommendation: Bypass all traffic (#99) and then create a specific traffic policy rule for the office subnets e.g:

source home office subnets -> destination office subnets
CCIE RS, CCIE SP, Mnet&sys

Note: Forum posts may be outdated. Please see the latest documentation at wanos.co/docs

Spiffster

  • VIP
  • Full Member
  • *****
  • Posts: 39
    • View Profile
Re: wanos + ESXi with pfSense Firewall VM
« Reply #2 on: October 15, 2014, 04:59:19 PM »
Thanks! I will give this a try and report back.

Spiffster

  • VIP
  • Full Member
  • *****
  • Posts: 39
    • View Profile
Re: wanos + ESXi with pfSense Firewall VM
« Reply #3 on: October 15, 2014, 11:43:21 PM »
Works perfectly! Now I just need to get the other side setup and I think we will be good to go! I will report back when I have it all up and running on both ends. Thanks so much for your help!

ahenning

  • Team Wanos
  • Administrator
  • Full Member
  • *****
  • Posts: 629
    • View Profile
Re: wanos + ESXi with pfSense Firewall VM
« Reply #4 on: October 16, 2014, 11:49:22 AM »
Great, thanks for the feedback.
CCIE RS, CCIE SP, Mnet&sys

Note: Forum posts may be outdated. Please see the latest documentation at wanos.co/docs

nickgr

  • Member
  • ***
  • Posts: 2
    • View Profile
Re: wanos + ESXi with pfSense Firewall VM
« Reply #5 on: November 07, 2014, 11:33:48 AM »
Dear all Wanos team
I have deploy wanos on esxi environment with pfsense vm
i have create one vswitch which include vmnetwork machines including wanos lan interface enabling promiscued port,
after that create a second vswitch including wanos wan interface and pfsense lan interface with promiscued enabled
if on my first vswitch vmnetwok disable the promiscued mode i unable to reach the pfsense is that right ??

ahenning

  • Team Wanos
  • Administrator
  • Full Member
  • *****
  • Posts: 629
    • View Profile
Re: wanos + ESXi with pfSense Firewall VM
« Reply #6 on: November 07, 2014, 10:24:31 PM »
Quote
if on my first vswitch vmnetwok disable the promiscued mode i unable to reach the pfsense is that right ??

Yes, that is correct e.g. when disabling promiscuous, disables bridging.
CCIE RS, CCIE SP, Mnet&sys

Note: Forum posts may be outdated. Please see the latest documentation at wanos.co/docs

nickgr

  • Member
  • ***
  • Posts: 2
    • View Profile
Re: wanos + ESXi with pfSense Firewall VM
« Reply #7 on: November 10, 2014, 08:27:27 AM »
Thank you very much