• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1757
  • Last Modified:

VMs cannot access any network resources or ping

I'll start off with my specs

Dell PowerEdge 2900 running ESXi 5 (Dell Customized Image) new install
all unmanaged switches
pfSense 2.0.1 base install (haven't changed anything except for port forwarding rules for RDP  and FTP) with 1 WAN and 2 LAN networks

For whatever reason whenever I create a VM in ESXi it cannot access any network resources, or ping any domain or address except the ESXi host itself.  I've logged into the ESX host via PowerCLI and I can ping all addresses on both LAN networks, as well as external domains.  I can access the ESX host from my PC which is on a different LAN network.

I've attached a quick visio of my network, as well as the network config for vsphere.

I've asked my buddy who runs a vcloud cluster, as well as a consultant I work with at my job and no one knows what's going on; I'm lost.
Drawing1.jpg
netconfig.JPG
0
Mike
Asked:
Mike
2 Solutions
 
sfmnyCommented:
Hi there,

What's the VM Network Card "hardware" set to? Also, have you installed VMWare tools on the virtual machine?
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
can the VM and the Host ESXi server, ping and contact the network interface on the pFsense, which would need to be the default gateway for yourbnetwork?

can you ping the other side of the pFsense network interface?

can your workstation ping the interface on the pFsense interface?

is the pFsense routing?

what network resources? windows file shares?

is it blocking?
0
 
Seaton007Commented:
Also, check the built-in firewall on the ESX host: Troubleshooting the firewall policy on an ESX host

It could be blocking something as well.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
MikeIT ManagerAuthor Commented:
@ sfmny - I tried e1000 as well as vmxnet3, yes vmware tools is installed.

@ hanccocka -

can the VM and the Host ESXi server, ping and contact the network interface on the pFsense, which would need to be the default gateway for yourbnetwork? VM, no, ESXi Server, yes.

can you ping the other side of the pFsense network interface? from everything except VMs

can your workstation ping the interface on the pFsense interface? yes

is the pFsense routing? it's acting as a router, yes, but I have no custom routes defined.

what network resources? windows file shares? not quite sure what you mean

is it blocking? no special blocks are in place, just whatever is set from a new install.

@Seaton007 - disabled the firewall and no change.
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
okay, to simplyfy things, and ignore the Pfsense Router, can you connect a computer to the 192.168.10.0 subnet, and check

1. it can ping ESXi, VMs
2. VMs can ping computer
0
 
MikeIT ManagerAuthor Commented:
I connected my laptop to the 10.x network, same symptoms as VMs.

leads me to believe it's something in pfSense that I dont have set.
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
so you have connected a computer to the 192.168.10.0 subnet, and

the laptop cannot ping ESXi server?

cannot ping VMs?

VMs cannot ping laptop?

ESXi cannot ping laptop?
0
 
MikeIT ManagerAuthor Commented:
I've solved my issues with everything except accessing my NAS from the 10.x.  I can ping 0.x from 10.x fine now, and can get out to the internet on 10.x, but the only address I can't ping from 10.x or access files shares from is my NAS which is 192.168.0.40.  I can't ping, browse file shares, or even get to the web interface.

This is important because I will be backing up my VMs via iSCSI to my NAS.
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
what was the issue?
0
 
MikeIT ManagerAuthor Commented:
I didn't add a firewall rule in pfSense to pass all traffic originating from the OPT1 (2nd LAN) subnet to *
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
okay, so it was blocking!
0
 
MikeIT ManagerAuthor Commented:
Yes.  I just assumed that pfSense automatically created that rule for the 2nd interface like it did for the 1st interface since I setup both on the initial install.  That was a rookie mistake on my part.

Now I'd just like to figure out how to get to my NAS.
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
so, can you ping the NAS?
0
 
MikeIT ManagerAuthor Commented:
not from 10.x
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
access web gui?
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
does you NAS have a default gateway set?
0
 
MikeIT ManagerAuthor Commented:
cannot access web gui from 10.x

NAS default gateway is 192.168.0.1.
0
 
MikeIT ManagerAuthor Commented:
error on my end.
0

Featured Post

Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now