Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
612
Views
0
Helpful
1
Replies

Router-On-A-Stick configuration with a Firewall VM on ESXi and a Physical Switch ?!

Go to solution
huud
Level 1
Level 1

‎06-25-2021 08:52 AM - edited ‎06-25-2021 08:55 AM

Hi,

 

I have the following in my lab.

 

  • Physical Managed Switch

  • Physical ESXi server (connected to port 5 on switch)

  • Windows 10 VM running on ESXi Server (connected to vmnic1, port 6 on TP-Link)

  • OPNsense Firewall VM running on ESXi Server (connected to vmnic1, port 6 on TP-Link)

 

The OPNsense Firewall VM can do Sub-Interfaces, and VLAN tags.

 

I'm looking to have Router-On-A-Stick configuration where the Router VM is running inside ESXi while the switch is physical. All VLAN configurations will be on the physical switch. I have read that VLAN configurations must be done on either the physical switch or vSwitch, not both.

 

The way I see it the traffic flowing this case is as follows:

 

  • Traffic from Windows 10 VM will come to vSwitch11 (VLAN 11 vSwitch connected to vmnic1, port 6 on physical switch)
  • Traffic from Port 6 will go to Port 5 on physical switch (Port 5 is trunk and is vmnic0 in ESXi)
  • Firewall VM vNIC is vmnic0 will receive VLAN11 traffic

 

But my question is whether traffic will ever leave ESXi vSwitch ?

 

Thank You

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
LikeMyFloydPink
Level 1
Level 1

‎06-25-2021 11:01 PM - edited ‎06-25-2021 11:29 PM

I'm willing to bet that - being as your question doesn't mention any Cisco device whatsoever, your mileage with this one is limited.  

 

If I am wrong, however, and you just "forgot" to mention Cisco in your question above - which BTW, included the effort to name/describe products unrelated to anything that warrants a reply - a Starting Point would be:

 

-Create WAN vSwitch and WAN Port Group

-Create LAN vSwitch and LAN Port Group

-Google "how to opnsense on esxi physical switch" or some derivative thereof   

----->> Here you go:

 https://search.brave.com/search?q=how%20to%20opnsense%20on%20esxi%20physical%20switch&spellcheck=0

-Before getting crazy with complex "potentially over your head" scenarios in your lab (Speaking from experience- trust me) get the fundamentals down (better) 

-Maybe consider going to the VENDOR Specific forum/community/support site for the issue 

View solution in original post

0 Helpful
1 Reply 1

Go to solution
LikeMyFloydPink
Level 1
Level 1

‎06-25-2021 11:01 PM - edited ‎06-25-2021 11:29 PM

I'm willing to bet that - being as your question doesn't mention any Cisco device whatsoever, your mileage with this one is limited.  

 

If I am wrong, however, and you just "forgot" to mention Cisco in your question above - which BTW, included the effort to name/describe products unrelated to anything that warrants a reply - a Starting Point would be:

 

-Create WAN vSwitch and WAN Port Group

-Create LAN vSwitch and LAN Port Group

-Google "how to opnsense on esxi physical switch" or some derivative thereof   

----->> Here you go:

 https://search.brave.com/search?q=how%20to%20opnsense%20on%20esxi%20physical%20switch&spellcheck=0

-Before getting crazy with complex "potentially over your head" scenarios in your lab (Speaking from experience- trust me) get the fundamentals down (better) 

-Maybe consider going to the VENDOR Specific forum/community/support site for the issue 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card