Solved

dmz with vmware question

Posted on 2011-09-19
Last Modified: 2012-05-12
Hi there,

I have an ESX server with everything working fine. I'm trying to set up a DMZ but it's not working for me.

I have created a new vSwitch with 2 NICs - the port group has VLAN 100. The NICs are connected to a Cisco 3560 switch and the two ESX ports are set up for trunking VLAN 100, trunk mode etc. I then have port 3 on the Cisco switch connected to the DMZ port on the firewall - I have configured the switch port as an access port on VLAN 100. My VM can ping the firewall and the firewall can ping the VM, but I can't access the internet from the VM.

I have tried all the usuals like Windows Firewall etc., so it's nothing simple here.

I believe my problem lies in the firewall, as the other ESX VLANs are all OK.
Question by:mikeleahy
5 Comments
 
LVL 18

Expert Comment

by:jmeggers
ID: 36562457
What kind of firewall?
0
 

Author Comment

by:mikeleahy
ID: 36562511
pix
0
 
LVL 3

Expert Comment

by:shahravish
ID: 36563285
Maybe silly, but can you try to ping IP addresses? Like, try pinging 4.2.2.1 from the VM? Need to understand if the issue lies only in not being able to access anything beyond the firewall, or is it name resolution?

Secondly, do you have rules defined to allow outbound from the DMZ? And ensure it's higher up in the list?
0
 

Author Comment

by:mikeleahy
ID: 36565296
That times out also. It's not name resolution.

Am I correct in saying that from the VMware side all you do is create the port group with VLAN ID etc. and assign physical NICs?
0
 

Accepted Solution

by:
Alelescarini earned 1000 total points
ID: 36569173
That's correct; it is a standard switch, so there isn't any particular configuration to do. Try checking the L3 rules on the firewall side.
Here are some implementation scenarios:
http://www.vmware.com/files/pdf/dmz_virtualization_vmware_infra_wp.pdf

0
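Editor's added example (not from any poster in this thread, and not the asker's configuration): the firewall-side items the accepted answer points at, written as a PIX configuration fragment in the classic `nat`/`global` syntax. The interface names `dmz` and `outside`, the ACL names, the DMZ subnet 192.168.100.0/24 and the internal range 10.0.0.0/8 are all constructed assumptions.

```cisco
! Constructed values throughout; substitute the real interface names and subnets.
! Symptom in the thread: VM <-> firewall ping works (L2/VLAN 100 is fine),
! but nothing beyond the firewall answers, even by IP address.

! 1. Translation for DMZ hosts leaving through the outside interface.
!    With no nat/global pair covering the dmz interface, DMZ hosts can
!    reach the firewall's own DMZ address but traffic is not forwarded out.
nat (dmz) 1 192.168.100.0 255.255.255.0
global (outside) 1 interface

! 2. ACL bound inbound on the dmz interface.
!    Once any ACL is applied here it replaces the implicit
!    "higher security level to lower is permitted" behaviour, so outbound
!    traffic must be permitted explicitly. The deny line comes first so the
!    broad permit does not also open a path from the DMZ to the internal range.
access-list dmz_in deny ip 192.168.100.0 255.255.255.0 10.0.0.0 255.0.0.0
access-list dmz_in permit ip 192.168.100.0 255.255.255.0 any
access-group dmz_in in interface dmz

! 3. Ping as a test tool.
!    Echo replies arrive on the outside interface as new inbound packets
!    unless ICMP is being inspected, so a ping to an Internet address can
!    time out even when TCP/UDP from the DMZ works. If an ACL is already
!    bound to outside, add the permit line to that ACL instead of binding
!    a new one.
access-list outside_in permit icmp any any echo-reply
access-group outside_in in interface outside
```

After a test from the VM, `show xlate` on the firewall shows whether a translation was built for the DMZ address, and `show access-list` shows which ACL lines are taking hits.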
