Hi,
My home setup includes PC with multiple NIC's and a VMware Workstation that has my virtual lab (Windows domain controller, 5 ESXi 7 hosts, VCSA and some other stuff) This is licenced via VMUG programme.
My main PC goes through one of NIC's direct to PA-820, VMWorkstation is 'bridged' to one of other NIC's I have. Separate subnets.
Have created new zone, NAT and security policy to allow all traffic from VMware-assigned PA-820 NIC/zone to 'any' zone - to get any input data. Have applied management profile that allows ping to zone.
Problem: I cannot make VCSA to connect to Internet. All traffic I can see is that from IP address that is assigned to 'bridged' NIC on main PC to IP assigned to PA's interface.
Tried amending NAT policy to include PA's address (IP_VMUG_Router) in NAT policy, it does not work with and without that.
Security policy looks like that (Speedy is my main PC's zone):
IP's are:
192.168.172.71 - DHCP assigned IP to physical NIC 'bridged' to VMWorkstation network segment.
192.168.172.1 - IP of PA-820's interface for that zone
192.168.100.x - main PC's subnet.
I can ping from main PC to all IP's used in VMUG zone.
I can ping from VM's in VMUG zone to PA's NIC IP.
I cannot ping from any VM to anything outside of VMUG zone, neither on Speedy or Internet.
Where do I go wrong? I wonder if my main PC understands that one of NIC's has IP from 192.168.172.x subnet and pings direct to NIC? I can see ping traffic on PA from 192.168.172.71 to 192.168.172.1 only..
