Thanks to a quirk of my router, it doesn't seem to port forward correctly. In order to get a system open to the outside world, I had to stick it in the DMZ, not a very nice solution really. It would be far too expensive to have to buy a modem, router/switch and then wireless access point to replace the current unit, especially since it seems actually pretty decent by ISP router standards. Would it be a good idea to try and set up a virtual router inside VMware ESXi and put that in the DMZ and then port forward from the virtual router, or is that not possible? I'm not great with the actual configuring of networks, I prefer to assemble them and let someone else take care of the really heavy configurations after I do the basics. Any more elegant solutions to this problem?

*edit* It's pfSense that I'm looking at also, it's what I'm more used to, although open to other suggestions

Yours faithfully

At work we run routers/firewalls (specifically pfSense) on ESXi all the time. The setup can be a little tricky because you need to separate the WAN and LAN of the VM somehow, either by separate physical Ethernet ports or by using VLANs.

1 minute ago, brwainer said:

At work we run routers/firewalls (specifically pfSense) on ESXi all the time. The setup can be a little tricky because you need to separate the WAN and LAN of the VM somehow, either by separate physical Ethernet ports or by using VLANs.

Well I was looking at this as a guide, but I wasn't sure if I could then set that machine to be in the DMZ, and then have to port forward on the virtual network switch that ESXi has, such as the DNS server, webhost, email server, that kind of thing, I don't like having it all on one single VM, it's not good practice.  

Yours faithfully

Just now, Lord Nicoll said:

Well I was looking at this as a guide, but I wasn't sure if I could then set that machine to be in the DMZ, and then have to port forward on the virtual network switch that ESXi has, such as the DNS server, webhost, email server, that kind of thing, I don't like having it all on one single VM, it's not good practice.  

I've never reviewed that guide but I'm sure it is serviceable. You'll need two different virtual switches, one for the WAN/DMZ and the other for the LAN port. Things that the pfSense will port forward to will need to be connected to the LAN switch somehow. The "somehow" again comes back to either separate physical Ethernet ports (and an external switch or whatnot) or VLANs. Or if your other things that need ports forwarded to them are all VMs then they should just connect to the LAN virtual switch.

4 minutes ago, brwainer said:

I've never reviewed that guide but I'm sure it is serviceable. You'll need two different virtual switches, one for the WAN/DMZ and the other for the LAN port. Things that the pfSense will port forward to will need to be connected to the LAN switch somehow. The "somehow" again comes back to either separate physical Ethernet ports (and an external switch or whatnot) or VLANs. Or if your other things that need ports forwarded to them are all VMs then they should just connect to the LAN virtual switch.

Yes, they are all VMs on a single ESXi host, so it would be all done by software locally on the machine, however it has 4 Ethernet ports (HP ProLiant DL380 G7) but I don't have any switches at home, though I have a routerboard 450G, it doesn't seem to boot for some reason. I would prefer a virtual solution as that's cheaper I think :P

Yours faithfully

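The two-vSwitch layout discussed in this thread, sketched for the all-VM case as an added example that is not part of any post: only the WAN vSwitch gets a physical uplink, so the server VMs on the LAN vSwitch are reachable from outside only through the pfSense VM, which has one virtual NIC on each port group. The switch and port group names and the use of `vmnic1` as the NIC cabled to the ISP router are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread). All names below are assumptions:
# vSwitchWAN/vSwitchLAN, port groups WAN/LAN, and vmnic1 as the spare
# physical port cabled to the ISP router (the address placed in its DMZ).
WAN_VSWITCH="vSwitchWAN"
LAN_VSWITCH="vSwitchLAN"
WAN_UPLINK="vmnic1"

# Emit the esxcli commands for the two-vSwitch layout, one per line.
plan() {
    # WAN side: the only vSwitch that is given a physical uplink.
    echo "esxcli network vswitch standard add --vswitch-name=$WAN_VSWITCH"
    echo "esxcli network vswitch standard uplink add --uplink-name=$WAN_UPLINK --vswitch-name=$WAN_VSWITCH"
    echo "esxcli network vswitch standard portgroup add --portgroup-name=WAN --vswitch-name=$WAN_VSWITCH"
    # LAN side: internal only. The DNS, web and mail VMs attach here and
    # have no path to the physical network except through the router VM.
    echo "esxcli network vswitch standard add --vswitch-name=$LAN_VSWITCH"
    echo "esxcli network vswitch standard portgroup add --portgroup-name=LAN --vswitch-name=$LAN_VSWITCH"
}

# Succeeds only if no planned command attaches an uplink to the LAN vSwitch.
lan_is_isolated() {
    ! plan | grep "uplink add" | grep -q -- "--vswitch-name=$LAN_VSWITCH"
}

# Dry run by default; set APPLY=1 in the ESXi shell to execute the plan.
if lan_is_isolated; then
    if [ "${APPLY:-0}" = "1" ]; then plan | sh -e; else plan; fi
else
    echo "refusing: LAN vSwitch would get a physical uplink" >&2
fi
```

After applying, the pfSense VM's first NIC goes on the WAN port group and its second on LAN; every other VM gets a single NIC on LAN.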
