VMs cannot access any network resources or ping

I'll start off with my specs

Dell PowerEdge 2900 running ESXi 5 (Dell Customized Image) new install
all unmanaged switches
pfSense 2.0.1 base install (haven't changed anything except for port forwarding rules for RDP  and FTP) with 1 WAN and 2 LAN networks

For whatever reason whenever I create a VM in ESXi it cannot access any network resources, or ping any domain or address except the ESXi host itself.  I've logged into the ESX host via PowerCLI and I can ping all addresses on both LAN networks, as well as external domains.  I can access the ESX host from my PC which is on a different LAN network.

I've attached a quick visio of my network, as well as the network config for vsphere.

I've asked my buddy who runs a vcloud cluster, as well as a consultant I work with at my job and no one knows what's going on; I'm lost.
Drawing1.jpg
netconfig.JPG
LVL 9
MikeIT ManagerAsked:
Who is Participating?
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
okay, so it was blocking!
0
 
sfmnyCommented:
Hi there,

What's the VM Network Card "hardware" set to? Also, have you installed VMWare tools on the virtual machine?
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
can the VM and the Host ESXi server, ping and contact the network interface on the pFsense, which would need to be the default gateway for yourbnetwork?

can you ping the other side of the pFsense network interface?

can your workstation ping the interface on the pFsense interface?

is the pFsense routing?

what network resources? windows file shares?

is it blocking?
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
Seaton007Commented:
Also, check the built-in firewall on the ESX host: Troubleshooting the firewall policy on an ESX host

It could be blocking something as well.
0
 
MikeIT ManagerAuthor Commented:
@ sfmny - I tried e1000 as well as vmxnet3, yes vmware tools is installed.

@ hanccocka -

can the VM and the Host ESXi server, ping and contact the network interface on the pFsense, which would need to be the default gateway for yourbnetwork? VM, no, ESXi Server, yes.

can you ping the other side of the pFsense network interface? from everything except VMs

can your workstation ping the interface on the pFsense interface? yes

is the pFsense routing? it's acting as a router, yes, but I have no custom routes defined.

what network resources? windows file shares? not quite sure what you mean

is it blocking? no special blocks are in place, just whatever is set from a new install.

@Seaton007 - disabled the firewall and no change.
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
okay, to simplyfy things, and ignore the Pfsense Router, can you connect a computer to the 192.168.10.0 subnet, and check

1. it can ping ESXi, VMs
2. VMs can ping computer
0
 
MikeIT ManagerAuthor Commented:
I connected my laptop to the 10.x network, same symptoms as VMs.

leads me to believe it's something in pfSense that I dont have set.
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
so you have connected a computer to the 192.168.10.0 subnet, and

the laptop cannot ping ESXi server?

cannot ping VMs?

VMs cannot ping laptop?

ESXi cannot ping laptop?
0
 
MikeIT ManagerAuthor Commented:
I've solved my issues with everything except accessing my NAS from the 10.x.  I can ping 0.x from 10.x fine now, and can get out to the internet on 10.x, but the only address I can't ping from 10.x or access files shares from is my NAS which is 192.168.0.40.  I can't ping, browse file shares, or even get to the web interface.

This is important because I will be backing up my VMs via iSCSI to my NAS.
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
what was the issue?
0
 
MikeIT ManagerAuthor Commented:
I didn't add a firewall rule in pfSense to pass all traffic originating from the OPT1 (2nd LAN) subnet to *
0
 
MikeIT ManagerAuthor Commented:
Yes.  I just assumed that pfSense automatically created that rule for the 2nd interface like it did for the 1st interface since I setup both on the initial install.  That was a rookie mistake on my part.

Now I'd just like to figure out how to get to my NAS.
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
so, can you ping the NAS?
0
 
MikeIT ManagerAuthor Commented:
not from 10.x
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
access web gui?
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
does you NAS have a default gateway set?
0
 
MikeIT ManagerAuthor Commented:
cannot access web gui from 10.x

NAS default gateway is 192.168.0.1.
0
 
MikeIT ManagerAuthor Commented:
error on my end.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.