Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

dmz with vmware question

Posted on 2011-09-19
5
Medium Priority
?
641 Views
Last Modified: 2012-05-12
hi there

i have an esx server with everything working fine. im trying to setup a dmz but its not working for me.

i have created new vswitch with 2 nics - portgroup has vlan 100. nics are connected to cisco 3560 switch and the two esx ports are setup for trunking vlan 100 and trunk mode etc. i then have port 3 on the cisco swtich connected to the dmz port on the firewall - i have configured the switch port as an access port on vlan 100.  my vm can ping the firewall and the firewall can ping the vm but i cant access the internet from the vm.

i have tried all the usuals like windows firewall etc so its nothing simple here.

i believe my problem lies in the firewall as esx other vlans are all ok
0
Comment
Question by:mikeleahy
5 Comments
 
LVL 18

Expert Comment

by:jmeggers
ID: 36562457
What kind of firewall?
0
 

Author Comment

by:mikeleahy
ID: 36562511
pix
0
 
LVL 3

Expert Comment

by:shahravish
ID: 36563285
maybe silly, but can you try and ping ip adresses? like try pinging 4.2.2.1 from the vm? Need to understnad if issue lies only not being able to access anything beyond the firewall, or is it name resolutions?

Secondly, do yo uhave rules defined to alow outbound from dmz? and ensure its higher up in the list?
0
 

Author Comment

by:mikeleahy
ID: 36565296
that times out also. its not name resolution.

am i correct in saying that from the v mware side all you do is create the port group with vlan id etc and assign physicla nics??
0
 

Accepted Solution

by:
Alelescarini earned 1000 total points
ID: 36569173
It's correct, is a standard switch there isn't any particular configuration to do, try to check L3 rules on firewall side.
Here there's some implementation scenario
http://www.vmware.com/files/pdf/dmz_virtualization_vmware_infra_wp.pdf

0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I show you step by step with screenshots to assist you - HOW TO: Deploy and Install the VMware vCenter Server Appliance 6.5 (VCSA 6.5), with some helpful tips along the way.
Ransomware is a malware that is again in the list of security  concerns. Not only for companies, but also for Government security and  even at personal use. IT departments should be aware and have the right  knowledge to how to fight it.
Teach the user how to install log collectors and how to configure ESXi 5.5 for remote logging Open console session and mount vCenter Server installer: Install vSphere Core Dump Collector: Install vSphere Syslog Collector: Open vSphere Client: Config…
This Micro Tutorial steps you through the configuration steps to configure your ESXi host Management Network settings and test the management network, ensure the host is recognized by the DNS Server, configure a new password, and the troubleshooting…
Suggested Courses

571 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question