The Setup:
I have 4 VMs running on an ESXi 6.7 host.
There are 3 port groups assigned to the vSwitch: Public, SysAdmin, and Dev.
Each VM has 3 vNics, each assigned to one of the port groups.
Router (pfSense):
- vNic1: Dev port group with static 192.168.1.1 /24
- vNic2: SysAdmin port group with static 10.0.1.1 /24
- vNic3: Public port group with static 172.16.1.1 /24
DC01 (Server 2019):
- vNic1: Dev port group with static 192.168.1.2 /24
- vNic2: SysAdmin port group with static 10.0.1.2 /24
- vNic3: Public port group with static 172.16.1.2 /24
IIS01 (Server 2019):
- vNic1: Dev port group with static 192.168.1.3 /24
- vNic2: SysAdmin port group with static 10.0.1.3 /24
- vNic3: Public port group with static 172.16.1.3 /24
IIS02 (Server 2019):
- vNic1: Dev port group with static 192.168.1.4 /24
- vNic2: SysAdmin port group with static 10.0.1.4 /24
- vNic3: Public port group with static 172.16.1.4 /24
DC01 is the DNS and DHCP server and all servers have their vNics set with 192.168.1.2 as the DNS server.
Each of the servers has vNic1 set with 192.168.1.1 as the default gateway.
The other vNics don't have a gateway set since Windows was yelling at me about having multiple default gateways, which makes sense.
Windows Firewall is disabled and pfSense has packet filtering disabled so it is functioning only as a router.
The Problem:
- All servers can ping each other on the Dev (192.168.1.x) subnet.
- The Router can ping all servers on all vNics.
- None of the servers can ping each other on the SysAdmin (10.0.1.x) or Public (172.16.1.x) subnets.
- Route Print only shows routes for the Dev (192.168.1.x) subnet.
- Manually adding static routes has no effect.
I'm obviously missing something fundamental, but I've been banging my head against this all weekend.
Any help is greatly appreciated!