VSphere provides several schemes for automatic allocation of MAC addresses in vCenter Server. You can select the scheme that best suits your requirements for MAC address duplication, OUI requirements for locally administered or universally administered addresses, and so on.
- A maxed out mac mini would have worked for me as ESXi servers. A max mini runs circles around any kind of 1u server you could possibly build. You are not going to get 64gb ram or 6 cores working in a 1u.
- An ESXi host generates the MAC address for a virtual machine adapter when the host is not connected to vCenter Server.Such addresses have a separate VMware OUI to avoid conflicts. The ESXi host generates the MAC address for a virtual machine adapter in one of the following cases:. The host is not connected to vCenter Server.; The virtual machine configuration file does not contain the MAC.
- We have a challenge currently, after we associated the blade servers, The data traffic couldn’t be transfer or seen on the Nexus 9K. What I mean by the above is that the ESXi host was assigned a MAC address which we ought to see on the switch using sh mac address-table but nothing was seen.
- This article provides build numbers and versions of ESXi/ESX. This table lists the ESXi build numbers and versions. Express Patch 1a ESXi602 3/28/20 N/A ESXi 6.5.
Update 2
In early 2016, VMware began including the embedded HTML5 host client for managing ESXi in version 6.0 U2 from your web browser. Meant to connect to and manage single ESXi clients, it’s a great solution for users getting started with a dedicated Mac (like a quad-core mini or a Mac Pro) running VMware at MacStadium.
Update
The venerable William Lam of virtuallyGhetto noticed we were missing ESXi Embedded Host Client. He wrote a great article on this tool explaining its use that's worth checking out. We're ready to add any other suggestions that our readers may have.
Here’s the Situation
You’ve just had a Mac mini setup with ESXi to move all of your software onto one machine. VMware ESXi is a great option to get the most out of a single server at MacStadium as it’s the only enterprise option available for virtualizing OS X, Windows, and Linux on one machine.
You’re probably using MacStadium because you personally use a Mac (let’s call it a MacBook Pro) for day-to-day work and recognize the potential of a hosted Mac. Rather than continue paying more for shared hosting at another provider (without OS X of course) you’d like one place to manage all of your servers.
The next step is obviously connecting to and managing your VMware single-server ESXi environment. This is where the VMware vSphere software suite comes into play. But wait, you've only got the MacBook Pro! Unfortunately for developers working on Apple hardware locally, there is no native VMware vSphere client available for OS X. Don’t give up, though; there are alternatives.
Will There Ever be a Desktop App for OS X?
There was a glimmer of hope for Mac users in a preview of VMware vSphere 6.0. A thick (desktop) client was included that could be installed locally by Windows and Mac users (and presumably Linux in the future). Unfortunately, it disappeared in the next release candidate and has not been seen again.
Can I Use vSphere Web Client?
In older versions of VMware vSphere, a Windows desktop was the primary means of accessing vSphere environments. Now though, more and more users are taking advantage of the vSphere web client to access vSphere.
The catch with vSphere Web Client is that it’s only accessible if you have vCenter. On a single-server solution running ESXi, that means $99/month. Don’t give up hope just yet.
What About VMware Fusion?
If you’re a recent convert to virtualization and tested the waters in VMware Fusion Pro on your local Mac machine, you’re in luck. VMware Fusion Pro for Mac includes the only truly native client for accessing your remote vSphere environment from OS X. If you’re not already using Fusion Pro is it worth it to purchase a license? At $200, it might be a hard sell for managing your single ESXi host.
Can I Use Windows on my Mac?
If you’ve got Boot Camp on your Mac, you could save all of your work to a remote or shared partition, log out, reboot into Windows, open up your shared partition or remote folder, open the vSphere client, and finally connect to vSphere and manage your virtual machines. That’s a lot of steps but it is a viable solution. You could also run a Windows VM in VMware Fusion or Workstation Player.
Is There Command Line Access?
Yes, you can partially manage your ESXi server using SSH. You’ll have to have access to a vSphere client temporarily to enable SSH access in ESXi. vCLI, the VMware vSphere Command-Line Interface, is also an alternative for management from a Linux or Windows system.
Does MacStadium Offer any Alternatives?
For single-server ESXi installations, we can make sure your server is always available whenever you need access from one of the above options. If you are in a testing phase and plan to move to a multi-host ESXi cluster, there is great news. We offer vCenter to all private cloud environments. A team of users on Mac’s can all manage vSphere using the included vSphere Web Client.
Don’t hesitate to reach us over live chat or by opening a support ticket if you have questions or need help with your Mac servers running ESXi.
References
Important
Netgate is offering COVID-19 aid for pfSense software users, learn more.
This article is about building a pfSense® virtual machine on vSphere /ESXi. Article explains how to install any major pfSense softwareversion on VMware vSphere versions 5.x and 6.x. The article does notcover how to install vSphere or how to configure pfSense software todo any of the many amazing things it can. A basic, working, pfSensevirtual machine will exist by the end of this document.
Note
If the pfSense firewall will be running as a perimeterfirewall for an organization and the “attack surface” should beminimized, many will say it is preferable to run it unvirtualized onstand-alone hardware. That is a decision for the user and/ororganization to make, however. Now back to the topic.*
We’re going to start at the point where we have a vanilla ESXi installand have connected to it using the vSphere client. If other VMs arealready running on ESXi, then it is not likely necessary to follow thenetworking steps too closely. However, we recommend skimming through itto see what is suggested before building the pfSense virtual machinepart.
Assumptions¶
- vSphere host is up and running
- The reader has an understanding of network addressing
- The pfSense software installation
.iso
image is in a datastore
The following steps include the necessary vSphere web clientconfiguration required to get pfSense VM running. After getting to thepfSense setup step, switch to the guide for vSphere client below.
Basic vSphere web client networking setup¶
Before creating a new VM in vSphere web client, create two virtual switches andtwo port groups. First, create Virtual switches for WAN and LAN and after thattwo port groups for the WAN and LAN.
From the vSphere web client navigator, click on Networking and thenclick on Virtual switches tab. From there, click on “Add a new standardvirtual switch”.
Add two Virtual switches, one for WAN and another for LAN. For uplinkselect two separate available ports.
Creating port groups¶
After creating Virtual switches, click on Port groups tab. On the Portgroups tab click on “Add port group”. Add WAN and LAN port groups, eachusing WAN and LAN switches respectively.
Creating a pfSense VM¶
Now that the networking part is done, we continue to create a virtual machine.From the dashboard click on “Create/Register VM”. On the first wizard screenselect “Create a new virtual machine”.
On the second page of the wizard, enter a name for the VM and selectcorrect Guest OS version.
On the third page of the wizard, select the datastore where the hypervisor willkeep the VM.
On wizard page four, add another Network Adapter and select the WAN and LAN portgroups for each of the network adapters. Modify other virtual machine settingsas needed. For best performance, use VMXNET 3 type of adapters instead of E1000.However, VMXNET 3 interfaces require manual interface assignment with the firstboot. This guide uses the E1000 adapter type.
On the final wizard screen confirm the settings and click finish.
pfSense software installation¶
Once the pfSense virtual machine is created, under vSphere web clientnavigator click on “Virtual Machines” and select the newly created VM.
Power on the virtual machine.
On the next screen, press “I” to invoke installer mode.
The pfSense software installer starts automatically. Select “Accept these settings”
On the following screen choose “Quick/Easy Install” after whichinstallation starts.
When prompted, select “Standard Kernel”.
After that installation completes and pfSense software boots up for thefirst time.
Installing Open-VM-Tools¶
Once the pfSense installation is complete, upon first boot install theOpen-VM-Tools. Reboot is not necessary afterwards, however make sure theOpen-VM-Tools service is running under Status > Services.
Congratulations, the installation of pfSense software on ESXi is complete!
Basic vSphere Networking¶
About vmnics, vSwitches, management and virtual machine networks¶
In the vSphere client the network diagram for an ESXi host may be viewedby clicking Networking on the Configuration tab:
After ESXi was installed, before it was possible to connect to it withthe vSphere client, a physical network adapter (a “vmnic” in thediagram) had to be nominated to be the ESXi Management Network. An IPaddress also had to be assigned to Management Network interface on thethe ESXi host, either through DHCP or manually through the console.
The network diagram above shows that the Management Network was assignedto vmnic0 and it has an IP address of 192.168.111.30.(192.168.111.0/24 is my home LAN. Others will most likely be different.)Whatever subnet was chosen, the VMkernel Port in the diagram is theManagement Network and that’s what the vSphere client is now talking to.
ESXi will name the first physical NIC it finds
vmnic0
. If vmnic0is the management interface, ESXi will have automatically attached avirtual switch, vSwitch0
, to that interface.In addition to the VMkernel port, ESXi will also attach a VirtualMachine Port Group to the vSwitch. In the diagram above it’s labeled as“Virtual Machine Network”. The VM Port group is where Virtual Machinescan be attached to this virtual network.
In summary, in the above diagram, vSwitch0 has both a VM Port Group(Virtual Machine Network) and a VMkernel Port (Management Network)attached.
Creating the LAN¶
In a small network it is quite common to use the Virtual Machine PortGroup on vSwitch0 to provide the LAN interface for the pfSense firewall.That allows access to the LAN side of the pfSense virtual machine and tomanage the ESXi host with the vSphere client from a single PC. Of course,the virtual machine (e.g., the pfSense firewall) and the ESXi managementinterface must have different IP addresses.
COMMENT: I must say here that I always separate the ESXi Managementnetwork from other networks. I won’t go into the detail but there aresome very good reasons for doing this. Without using VLANs, though,separation would mean that an additional NIC on the ESXi host would bededicated only for ESXi management. What’s more, another NIC would berequired in the vSphere client PC to connect to the management NIC onthe ESXi host. To follow that path and enough NICs are available, simplydelete the Virtual Machine Port Group by clicking the Properties linkabove **vmnic0*, highlight the VM Port Group and click Remove.*
Assuming there are only two NICs in the ESXi host, rename the VM PortGroup from “Virtual Machine Network” to something a bit more meaningful.Click the Properties… link for vmnic0:
Highlight the Virtual Machine Network and click the Edit button.
Change the Network label to “LAN” and click OK then Close.
This makes life a little easier when we assign virtual networkinterfaces to the pfSense instance.
![Esx Server For Mac Esx Server For Mac](/uploads/1/1/8/8/118894146/248895490.jpg)
Creating the WAN¶
As we’re not going to deal with VLANs here, a second physical NIC isrequired in the ESXi host. This will be the WAN interface.
HINT: If multiple physical interfaces are available in the ESXi host,it can be a bit of a struggle to work out which one has been identifiedas vmnic1, vmnic2 and so on. If the MAC address of each NIC is noteddown along with the slot it occupied when it was installed in themachine, look at the Network Adapters screen under the Configuration tabto match up the MAC addresses (new to ESXi 5). However, having thatforesight is rare, so lacking that information the easiest way to matchphysical NICs to vmnics is to plug a PC or switch into them, one at atime. The speed and duplex on the Networking or Network Adapters screensshould change as the interface comes up. Because VMware didn’t provide aRefresh link on the Network Adapters screen, refresh by navigating tosomewhere else then going back.
Now we need to link the second physical NIC (vmnic1), to a newvSwitch. Click the Add Networking link at the top right of theNetworking screen and the following dialog will appear.
We are adding a Virtual Machine network so select that option andclick Next.
We want this NIC to be attached to a new vSwitch so select Create avirtual switch and check vmnic1. Click Next.
As we did with the LAN, let’s give this VM Port Group a moremeaningful name of “WAN”. Click Next.
The next dialog simply confirms that everything looks OK. Click Finish.
The networking diagram should now look like this:
Now we can configure a new virtual machine on which pfSense softwarewill be installed.
Configuring the Virtual Machine¶
Right click the ESXi host in the left pane of the vSphere client andselect New virtual machine…
Configuration¶
In the Configuration window, I always like to take the Customoption. (I’ve never really trusted what someone else thinks is“typical”). Click Next
Name and Location¶
In the Name and Location window, let’s give the virtual machine ameaningful name like “pfSense” and click Next
Storage¶
Now we need to decide where disk storage will be allocated to hold theconfiguration and operating files for the virtual machine. (This isnot necessarily the same location as the file system for pfSensesoftware, as shown later.) There are two datastores on this server – asmall 80GB drive on which ESXi is installed and a 500GB disc which isfor virtual machine storage. Highlight a datastore from the list andclick Next.
Virtual Machine Version¶
Here is where the virtual machine version to use for the pfSenseinstallation is configured in ESXi. Note the warning above. Selectversion 8 and click Next.
Guest operating System¶
pfSense software is built on the FreeBSD operating system, not Linux.Select Other and chose FreeBSD (32-bit) or FreeBSD (64-bit).
Make sure the hardware is capable of running 64-bit virtual machines, which itmust be to run ESXi, and download the pfSense ISO image for installation,choosing the amd64 architecture.
Click Next.
![Esx Esx](/uploads/1/1/8/8/118894146/502139564.png)
CPUs¶
To get started, a single-socket, single-core configuration will do fornow. This and other virtual machine settings can always be changedlater if needed. Click Next
Memory¶
Depending on the number and type of packages that will be installed onthe pfSense software, a basic pfSense VM should run comfortably in512MB of RAM. A lot of simple, non-virtual installations run on old PCswith 256MB and less, so long as swap space is available on the disk.Given the low cost of RAM these days, allocating less than 512MB wouldnot be advised.
If physical RAM on the ESX host is limited - perhaps because lots ofother virtual machines will be running - the allocation on the pfSenseVM could be reduced to, say, 384MB. If lots of memory-hungry packageswill be run, give it more.
To change the memory allocation to one of the sizes shown on the scaleof the memory “thermometer”, click that value on the scale. Click Next
Network¶
Remember that the two virtual networks were renamed to LAN and WAN.This is where we attach those networks to the pfSense virtual machine.
Select the number of virtual NICs for use by the pfSense VM. In this case itwill be 2. Now, using the drop-down lists assign NIC 1 on thevirtual machine to the WAN network. Assign NIC 2 to LAN. (This is whythe virtual machine port groups were given these names – they are mucheasier to recognize.)
Note
On pfSense software version 2.2 and later, the choices in thedefault configuration are em0 for WAN and em1 for LAN, so WAN should beassigned to NIC 1. This may differ from the screenshots shown here.The interface assignment prompt will no longer appear for hostsusing em NICs, so be careful not to attach a LAN to em0!
Note that for each NIC an Adapter type may also be selected.Different adapter types may give better or worse performance (and somemay not work at all) but that is beyond the scope of this document. Toget started, choose the dependable E1000 type for each adapter. Makesure that Connect at Power On is checked and click Next.
SCSI Controller¶
An emulation of an LSI Logic SCSI controller is offered on this systemand, as far as I know, the recommendation is based on the operatingsystem of the virtual machine intend to be installed. Accept thedefault and click Next.
Select a Disk¶
This is where the operating system will build its file system.
Choose Create a new virtual disk and click Next.
Create a Disk¶
In this example, the virtual disk was given a capacity of 8GB butthere is quite a lot to spare and 8GB isn’t really that much thesedays.
Under Location, keep the virtual machine’s hard disk with thevirtual machine itself. Read the help to learn more about this set ofoptions, if desired.
Click Next.
Advanced Options¶
Like it says – these options do not normally need to be changed.Next.
Cisco anyconnect vpn client download for mac. It’ll happen only by providing mobile devices with remote access to the company network.
Ready to Complete¶
Now a summary of what has been configured so far for this virtualmachine is displayed.
Before finishing, check the box Edit virtual machine settings beforecompletion. The label on the Finish button will change toContinue. This will allow the boot CD from which the pfSensesoftware will be installed to be configured. Click Continue.
Editing the Virtual Machine’s Properties¶
In the Virtual Machine Properties dialog select the Hardware taband then the line New CD/DVD (Adding) line. In the right-hand panechoose the location of the CD/DVD drive:
- Host Device
If a CD/DVD drive is available in the ESXi host, select the CD/DVD driveand check Connect at power on. This change allows pfSense CD/DVD tobe inserted into the host’s drive and start installing a soon as thevirtual machine is powered on.
- Client Device
To install from the CD/DVD drive in the vSphere Client PC, select theClient Device option. As the contents of the CD will be read across thenetwork, this will be a bit slower than using a drive in the ESXi host.In addition, Connect at power on is not available.
- Datastore ISO
To install from an ISO image stored in an ESXi datastore, that is alsoan option but it won’t be covered here. This is much faster than theother options, and more convenient to keep the install media around forre-use.
Click Finish.
Installing pfSense Software¶
Booting the VM from CD/DVD¶
Option 1: Installing from the CD/DVD drive on the ESXi host
If the Host Device option was chosen in the Virtual MachineProperties above, slip the pfSense CD into the drive on the ESXihost.
In the left-hand pane of the vSphere client window, right-clickthe new pfSense virtual machine. A number of actions for VM aredisplayed, including Power > Power on. Select that orhighlight the virtual machine and click the green arrowhead inthe toolbar.
Now click the Console tab and the virtual machine will beginbooting from the CD.
Skip to Installing pfSense Software.
Option 2: Installing from the CD/DVD drive on the client
If the option was chosen to use the drive in the client PC, putthe CD into its drive. Remember that Connect at power on wasnot a choice if using the client’s CD/DVD drive, so a little bitof extra work is needed to connect it after powering on thevirtual machine.
In the left-hand pane of the vSphere client window, right-clickthe new pfSense virtual machine. A number of actions for VM aredisplayed, including Power > Power on. Select that orhighlight the virtual machine and click the green arrowhead inthe toolbar.
Now, with the virtual machine highlighted, click the Consoletab.
Because the CD drive is not attached to the virtual machine yet,it may attempt to boot from the network or it may be showing anOperating system not found or some other error. Don’t worryabout this.
At this point (and only after the virtual machine has beenpowered on) the virtual machine may be attached to the CD/DVDdrive on the client PC. Click on the toolbar icon that lookslike a CD with a wrench/spanner. CD/DVD Drive 1 will beoffered in the menu and the available choices are displayed.Select Connect to D: (or whatever drive letter represents theCD/DVD drive on the client PC).
Right click the virtual machine in the left pane of the vSphereclient and select Guest > Send Ctl+Alt+Del. This will rebootthe virtual machine without disconnecting the CD/DVD drive.
In the Console tab, the pfSense installer can now be seen bootingfrom the CD.
Installing pfSense Software¶
If everything has gone well the pfSense boot menu be shown.
What follows is very much a standard pfSense installation procedure.However, it’s included here to save jumping around between documents.
Note
To enter information through the virtual machine’s console, itis necessary to click inside the console window. To release the cursor,press Ctl+Alt.
Allow the timer to expire and boot the pfSense software from the ISO image.
When the following console message is seen:
Type i to launch the pfSense installer.
The next few screens are the standard pfSense install screens and arefairly self explanatory. Take the highlighted choice in each of thefollowing screenshots:
At this point the pfSense virtual machine will reboot and the CD mustbe removed from the drive.
Interface Assignment¶
Next up, the pfSense boot menu returns.
As the pfSense software is already installed on the virtual disk,allow the timer to expire.
Once the pfSense software has booted the message: Network interfacemismatch – Running interface assignment option is shown. Thismeans that the pfSense instance has not yet been told which virtualnetwork interface is LAN and which is WAN.
Note
As mentioned previously, on pfSense software version 2.2 andlater, the choices in the default configuration are em0 for WANand em1 for LAN, so WAN should be assigned to NIC 1. This maydiffer from the screenshots shown here. The interface assignmentprompt will no longer appear for hosts using em NICs, so becareful not to attach a LAN to em0!
First of all, though, as VLANs are not needed, type n and pressreturn.
What Is Esxi Server
The order that the virtual NICs were assigned to the pfSense instancewhen the virtual machine was setup is important here. Generally, ESXipresents those network interfaces to the pfSense instance in sequence.That is, the pfSense virtual machine sees NIC 1 (WAN) as em0, NIC 2(LAN) as em1, etc.
Note
The MAC addresses assigned to the virtual NICs and seen by thepfSense VM are also virtual. They are not the MAC addresses of thephysical NICs.
To double check which virtual NIC is which, right-click the virtualmachine in the left-hand pane of the vSphere client and choose EditSettings. Selecting each of the network adapters (WAN, LAN, etc) willshow the virtual MAC address assigned to that interface. Make a note ofthese to help get the correct virtual interface assigned in the pfSensesoftware. Only the last two characters of the vMAC are generally neededto match them against those shown in the pfSense console. For example:
WAN = ee LAN = f8
Mac On Esxi
So go ahead and enter the WAN interface name, em0 in this example, andpress return.
Now enter the LAN interface name, “em1” in this example, and pressreturn.
As there are not any OPT interfaces, yet, press return.
Lastly, check that the interface assignments are correct, enter “y”and press return.
After a short interval, the pfSense VM will reconfigure itself,restart and present the main pfSense screen, above.
If the modem (in this example a simple cable modem) is connected to thephysical WAN port of the ESXi host, the WAN interface should havereceived a public IP address from the ISP via DHCP. ADSL and othermodems may need to be set up to pass the public IP through to thepfSense VM. Other types of WAN connections and configurations arebeyond the scope of this article.
The LAN interface has its installation default IP address of192.168.1.1. If another network address and/or subnet is desired, it maybe changed from the console or GUI.
Adding a DMZ¶
Having a WAN and a LAN is fine but perhaps another virtual machine willbe added to the virtual network – maybe a mail server or a web server.After all, that is likely to be one of the reasons ESXi was used in thefirst place – as an alternative to running multiple physical machines.
These kinds of servers should be accessible from the Internet but, atthe same time, be protected behind the pfSense firewall. That way accesscan be controlled to them from both the LAN and the WAN.
Vcenter For Mac
Another interesting aspect of virtualization is that it is not necessaryto stop at one DMZ. Because the DMZ network can be completely virtual,additional physical NICs are not required. For example, a virtual mailserver could be put in one DMZ and a virtual web server in another.Then, by connecting them through the pfSense VM with virtual NICs, allaccess between the DMZs may be controlled. In addition, if one server iscompromised, access to any of the others will be more difficult.
That’s not to say that a DMZ can’t also be connected to a real physicalnetwork as well. It may be desirable to connect a game console orvideo/music server behind the pfSense VM but not have it directlyconnected to the LAN. To accomplish that, connect a physical NIC to theESX system and attach it as a DMZ.
Mac Os On Esxi
Creating the DMZ network¶
Go to the vSphere client and highlight the ESXi host. Click theConfiguration tab and the Networking link. The ESXi network diagram isdisplayed.
Click the Add Networking link near the top right of the Network pane.
We want to add a new virtual machine network, so select that optionand click Next.
Choose the option to Create a vSphere standard switch. We aren’t goingto need a physical NIC – it is going to be virtual - so make sure thatif there are more physical NICs in the ESXi host, none of them areselected, then click Next
Best Server For Vmware Esxi
As with the LAN and WAN, give the new network a name. “DMZ” would begood. Click Next.
Click Finish.
Now the Networking diagram will look like this - just a vSwitch and aVirtual Machine Port group called “DMZ” with no physical NICsattached.
The next step is to connect the pfSense VM to this new DMZ network.Right-click the pfSense virtual machine and select Edit Settings.Click the Add button.
Esx Server For Mac High Sierra
Choose Ethernet adapter and click Next.
As was done for WAN and LAN, choose the E1000 type of virtualnetwork adapter. Select DMZ from the drop-down list of availablenetworks and choose Connect at power on. Click Next.
Now the network diagram should look like the above.
Note
all of this may be done while the pfSense virtual machine isstill running. To make the pfSense VM aware of the changes, though,it will need to be restarted and then the interface must be assigned.
Now additional virtual machines may be attached to the DMZ network.
Installing VMware Tools¶
Vmware Esxi Server Download
There are a number of benefits to installing the VMware tools, includingbetter memory management, as well as improved network and diskperformance. I can’t vouch for those benefits but I find the most usefulfeature is the ability to shutdown or reboot a virtual machine withoutneeding to log in to it directly. I use this to have all my VMs and theESXi host gracefully shutdown in the event of a power outage that mightexhaust the UPS battery … but that’s another story.
The VMware Tools have been made available as a pfSense package, whichmakes the install very quick and easy.
Log in to the pfSense webGUI and click System > Packages.
From the Available Packages tab list, look for the Open-VM-Toolspackage and click on the right to install the package. Confirm thethe package installation and then it will proceed.
There is really nothing to configure with this package, it should justwork.