
Sophos XG firewall virtualized with ESXi in VMware Workstation Pro on Windows 10 platform

I'm a bit stumped on this one. Please see below for current topology.

Windows 10 PC with VMware Workstation Pro installed

- ESXi 6.0 VM within VMware Workstation

- Quad port Intel NIC installed on Windows 10 PC

- Using Virtual Network Editor, I have bridged Ethernet adapters to their respective port on Intel NIC

- Within ESXi, NICs are showing up and showing up in vSphere 

- Sophos XG virtual appliance VM deployed, and firewall is already configured

This is what my networking looks like within VMware

I created a separate vSwitch for the WAN interface and pointed it vmnic2, and vSwitch0 is being used as the LAN interface of the firewall.

I've been doing a lot of researching, but there's not a whole lot posted on what I'm trying to do here. 

Does the LAN interface of the XG need to be on its own vSwitch as well, or can this be shared with the vSwitch0? I also have a VLAN 5 interface (Guest) on the XG that I've configured off the LAN interface, but I can't talk to it when everything is connected. I've done all the necessary tagging between switches and firewall rules. Does there need to be some sort of static route, or does tagging within vSphere networking?

I also use the Windows 10 machine as my workstation too, using the onboard NIC for network connection. Is what I'm trying to do possible? 



  • Hi,

    While the configuration looks okay, I am not sure about it being very secure or stable with W10 as its base. If you log into the XG console, does it show the interfaces as active? The configuration will run very hot with W10 providing the underlying connectivity, and performance will be erratic because you need to dedicate CPU, memory and disk space, which upsets W10.

    What does W10 show about the interfaces?

    You would be better off with dedicated hardware.

  • Thanks for your reply. 

    Resource wise, I'm not too worried about. I run an 8-core Xeon and have 32g, which I have dedicated 8g for ESXi. Storage is all SSD, and dedicated to ESXi already. I can get more performance this way versus dedicated hardware, as I am running home version of XG. 

  • Hi Justin,

    The home version of the XG maximum CPU is 4 cores, preferably real, 6gb of RAM and about 60-100gb of disk. Not sure why you think you are able to obtain better performance or how you will be able to utilise it?

    I use XG home on dedicated hardware and have no issues with performance. Dedicated hardware provides reliability and security.

    Ian

  • Thanks, but the reason I posted this thread is not because of a performance issue. Virtualizing gives you flexibility to add more resources on the fly, as well as outperform any hardware appliance. I know this because I work with hundreds of XGs daily, virtual and dedicated hardware. There are no security risks with virtualizing either. If you have any input on the issue I posted about, please post suggestions to that, not performance.

  • You didn't answer my questions.

    Ian