NAT – Accessing public ESXi host behind pfSense LAN

Tags: nat; pfsense; port-forwarding; vmware-esxi

Currently, I have purchased a dedicated ESXi host and spun up a VM running pfSense. I've configured both WAN and LAN through separate vSwitches.

ESXi

  • 1.1.1.10 (public IP)

pfSense

  • WAN -> 1.1.1.20/32 (public IP)
  • LAN -> 192.168.1.0/24

I've then created a Windows VM and am looking to manage the ESXi host from it.
The Windows host has an IP address of 192.168.1.1 and a 1:1 NAT set up in pfSense (Public: 1.1.1.30).
I'm, however, having some trouble accessing the web GUI for the ESXi host from within this VM (no ping response, and traceroute only goes as far as the pfSense server).

Within pfSense, I've tried enabling 'NAT Reflection mode for port forwards' and set to Pure NAT (as I've read this should help with NAT hairpinning) but my knowledge on pfSense is limited on how to get this working.

Any help would be appreciated.

Cheers,

Kev

Best Answer

I'm not sure whether you can access your Windows VM or not. If you can't, then in pfSense you need to go to Firewall > NAT and configure it like below

enter image description here

You should also check your firewall rules like below

enter image description here

When you can RDP to your Windows VM, then you should check if your LAN is on the same virtual switch which has your VMkernel port.