pfSense and ESXi WAN

networking, pfsense, vmware-esxi

I have a dedicated server which came with ESXi 6.5 pre-installed. There is just one IP dedicated to this, the management IP: 62.121.90.xx/27, from where I can log in to ESXi. This instance had just one NIC installed at this IP. No NAT. I asked my hosting provider to issue me a second IP, which is 83.159.147.XXX/26. What I want to do is the following:
pfSense with two network interfaces: one WAN, where I can connect to the internet, and a second one I would like to use internally for NAT with other VMs.

I have created the following as in the picture:
vSwitch configuration

The problem is that when I assign the new IP (83.159.147.XXX) to the WAN interface of pfSense, I am not able to reach the internet.

Best Answer

You need a single vSwitch with two port groups, LAN and WAN.

The WAN port group you connect to the physical NIC, the pfSense WAN side and (if need be) the Management Network. The Management Network and the pfSense guest require one IP address each.

The LAN port group you connect to the pfSense LAN side and your VMs as internal interface - do not connect to the physical NIC without VLAN tagging.

If you need physical devices on the LAN port group you'll need VLAN tagging on the physical NIC and its switch port.

If you never ever need physical devices on the LAN side you can also use two distinct vSwitches but there's little point in that. Two vSwitches cannot share a single physical NIC, so two VLANs with tagging won't work.

On a side note, 62.121.90.xx/27 and 83.159.147.XXX/26 sound more like subnets instead of single IP addresses. A single IP address for the host and the guests doesn't make too much sense.
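
A check for the layout described in the answer above, as an added example that is not part of the original answer: it parses the output of `esxcli network vswitch standard portgroup list` and flags internal port groups that sit untagged on a vSwitch with a physical uplink, plus any physical NIC planned for two vSwitches. The sample output, the uplink map and the port group names LAN, DMZ and Lab are constructed, and vSwitch names are assumed to contain no spaces; a port-group-level teaming override that marks the uplink unused is not visible to this check.

```python
# Added example: audit ESXi standard-vSwitch port groups for untagged LAN exposure.
# Constructed sample of `esxcli network vswitch standard portgroup list` output.
SAMPLE_PORTGROUPS = """\
Name                Virtual Switch  Active Clients  VLAN ID
------------------  --------------  --------------  -------
Management Network  vSwitch0                     1        0
WAN                 vSwitch0                     1        0
LAN                 vSwitch0                     3        0
DMZ                 vSwitch0                     1       20
Lab                 vSwitch1                     2        0
"""
# Assumed uplink map, as read from `esxcli network vswitch standard list`.
SAMPLE_UPLINKS = {"vSwitch0": ["vmnic0"], "vSwitch1": []}
# Port groups that are meant to face the provider network (assumed names).
EXTERNAL = {"WAN", "Management Network"}


def parse_portgroups(text):
    """Parse the table; names may contain spaces, so split from the right."""
    rows = []
    for line in text.splitlines()[2:]:  # skip the header and the dashed rule
        if not line.strip():
            continue
        name, vswitch, clients, vlan = line.rsplit(None, 3)
        rows.append({"name": name.strip(), "vswitch": vswitch,
                     "clients": int(clients), "vlan": int(vlan)})
    return rows


def audit(portgroups, uplinks, external=EXTERNAL):
    """Return findings for layouts the answer warns against."""
    findings = []
    # A physical NIC can be the uplink of only one vSwitch.
    owner = {}
    for vswitch, nics in uplinks.items():
        for nic in nics:
            if nic in owner:
                findings.append(f"{nic}: listed on both {owner[nic]} and {vswitch}")
            owner[nic] = vswitch
    # Internal port groups on an uplinked vSwitch need a VLAN tag (VLAN ID 0 = untagged).
    for pg in portgroups:
        if pg["name"] in external:
            continue
        if uplinks.get(pg["vswitch"]) and pg["vlan"] == 0:
            findings.append(f"{pg['name']}: untagged on {pg['vswitch']} "
                            f"with uplink {','.join(uplinks[pg['vswitch']])}")
    return findings


if __name__ == "__main__":
    for finding in audit(parse_portgroups(SAMPLE_PORTGROUPS), SAMPLE_UPLINKS):
        print("FINDING", finding)
```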
