The firewall is a pair of Sidewinders in HA config, talking to an HP 2824 switch on each of the subnets - DMZ and internal.
The ESXi box has a single NIC for both the VMs and management. No teaming. It's a Dell 1950, but I could never get the second NIC to respond. I'm running two smallish Win2k3 VMs. As I said, port 3389 is open, and I can leave up an RDP session to either of the Win2k3 VMs all day long with no issues. Kurt On Tue, Mar 17, 2009 at 18:45, Joseph L. Casale <[email protected]> wrote: > If it runs for some time, it works... > A netstat off my manglement box shows only 443 to one of my esxi servers. > Given your setup, I am pretty sure you have something not right. Describe > your network config in detail, are you teaming nics from the esxi to a switch > for example. > > jlc > > -----Original Message----- > From: Kurt Buff [mailto:[email protected]] > Sent: Tuesday, March 17, 2009 7:38 PM > To: NT System Admin Issues > Subject: Re: Semi OT: ESXi in a DMZ > > Quite helpful that. > > However, I suspect it's incomplete. > > Even this document - http://communities.vmware.com/docs/DOC-2500 - > hasn't helped. > > Dang it. > > I'll keep fiddling. > > On Tue, Mar 17, 2009 at 16:57, Sam Cayze <[email protected]> wrote: >> http://communities.vmware.com/message/624990 >> >> >> >> -----Original Message----- >> From: Kurt Buff [mailto:[email protected]] >> Sent: Tuesday, March 17, 2009 6:36 PM >> To: NT System Admin Issues >> Subject: Semi OT: ESXi in a DMZ >> >> Anyone doing this? Or even ESX in a DMZ? >> >> I've got a new ESXi box in a DMZ that is working fine, and I have port >> 3389 open so that I can RDP to the servers that are hosted on it, but I >> can't make the VI client keep a connection live longer than about two >> minutes. >> >> I connect great with the VI Client, and can start lots of things, but >> after two minutes it just dies. I've opened port 443, but it must need >> something else, and I can't figure out what it might be. >> >> I've tried running Wireshark on my desktop to see what the packets look >> like, but can't make heads or tails of it because of the noise from the >> firewall rewriting checksums and other bizarreness. >> >> Anyone have any hints on this? >> >> Kurt >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ >> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>яя ~ >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/яяВ ~ >> >> > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
