This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

VM-Series Firewall on VMware ESXi - get true link status from host NICs

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

VM-Series Firewall on VMware ESXi - get true link status from host NICs

LCMember4427
L3 Networker

‎02-23-2018 01:53 AM

Hi,

 

I'm in the process of deploying a VM-100 under VMWare ESXi 6.5 as standalone host (not member of a VCenter).

 

Everything has passed smoothly, however I want my V-100 network interface list to display the TRUE link status of each physical NIC port at the VMware host.  (I.e. whether or not live cables are plugged in to their respctive host NICs).

 

I have tried to follow the cookbook and enabled Promiscuous mode, MAC Address Changes and Forged Transmits for every vSwitch connected to their respective vmnics.  But still all VM-100 NIC display as Connected despiter when I unplug cables.

 

The only way I can force a VM-100 NIC display as disconnected is to disconnect its vmnic inESXi's V-100's VM settings.

 

What am I doing wrong?  I assume it is correct that we should be able to monitor the TRUE NIC link status (i.e. cable connected or not) from the VM-100's point of view?

 

Thanks a lot for comments on this 🙂

 

best regards Tor

0 Likes Likes
2 REPLIES 2

RobinClayton
L4 Transporter

‎02-23-2018 04:11 AM

Have you got the NICS directly passed to the GUEST somehow?

 

Normally there is a V-Switch, the guest connects to that so assumes the link is always up. and you have to virtually unplug them as you describe.

 

 

0 Likes Likes

RobinClayton
L4 Transporter
In response to RobinClayton

‎02-23-2018 06:59 AM

Having Re-read, I can see you are using V-SWITCH.

 

Think of the Physicsal NIC/CABLE as being plugged into one port of the V-Swith (You don't see this) ,  and the VNIC is plugged into another port.

 

In the real world switch, if you unplug from one port the others don't go off and it is the same in V-Switch.

 

The V-Switch does not even need (and quite often does not have) any physical NIC or connection to the real network, traffic can hapily traverse between two or more guests on the same host(s) physicaly unconnected v-switch.

0 Likes Likes
  • 1822 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks