OpenVPN bridge and VMware ESXi


When you configure a bridged OpenVPN setup on a VMware ESXi (vSphere Hypervisor) you will notice that you can’t reach anything over the VPN except the OpenVPN host.

This is because VMware by default prevents the NIC from going into promiscuous mode, so the bridge won’t work.
To fix this you need to change the VMware security policy to accept promiscuous mode.

  1. Go to ‘Configuration’ in the vSphere client.
  2. Select ‘Networking’ on the left.
  3. Click ‘Properties’.
  4. Select ‘VM Network’ on the ‘Ports’ tab.
  5. Click ‘Edit’.
  6. Go to the ‘Security’ tab.
  7. Select the check box for ‘Promiscuous Mode’ and select ‘Accept’.
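
The same setting seen from the ESXi shell, as an added example that is not part of the original post: with ‘Accept’ set, any VM on that port group can put its adapter into promiscuous mode, so this script reports which port groups accept it and flags any other than the one carrying the bridge. The sample `esxcli` output is constructed, and `BRIDGE_PG`, `promisc_state`, `classify` and `sample_output` are names made up for this example.

```shell
#!/bin/sh
# Added example: check the port-group security policy from the ESXi shell.
# CLI equivalent of step 7 (run on the host, not executed by this script):
#   esxcli network vswitch standard portgroup policy security set \
#       -p "VM Network" --allow-promiscuous=true

BRIDGE_PG="${BRIDGE_PG:-VM Network}"   # port group of the OpenVPN bridge VM

# stdin: output of `... portgroup policy security get`; prints true/false.
# Anchored at line start so "Override Vswitch Allow Promiscuous" is skipped.
promisc_state() {
    sed -n 's/^[[:space:]]*Allow Promiscuous:[[:space:]]*\([a-z]*\).*$/\1/p' |
        head -n 1
}

# $1 = port group name, stdin = esxcli output for that port group.
classify() {
    state=$(promisc_state)
    case "$state" in
        true)  if [ "$1" = "$BRIDGE_PG" ]; then echo expected; else echo review; fi ;;
        false) if [ "$1" = "$BRIDGE_PG" ]; then echo bridge-blocked; else echo ok; fi ;;
        *)     echo unknown ;;
    esac
}

# Constructed sample output (assumed format, not captured from a real host).
sample_output() {  # $1 = true|false
    printf '   Allow Promiscuous: %s\n' "$1"
    printf '   Allow MAC Address Change: true\n'
    printf '   Allow Forged Transmits: true\n'
    printf '   Override Vswitch Allow Promiscuous: true\n'
}

# On an ESXi host, audit every port group named on the command line.
if command -v esxcli >/dev/null 2>&1; then
    for pg in "$@"; do
        result=$(esxcli network vswitch standard portgroup policy security get \
                     -p "$pg" | classify "$pg")
        echo "$pg: $result"
    done
fi
```

Pass the port group names as arguments; a result of `review` means a port group other than `BRIDGE_PG` accepts promiscuous mode.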

Comments

  1. Quentin  November 5, 2012

    Hi,

    Will this configuration allow clients to sniff others’ network traffic?

    Thanks in advance!

  2. Bugo  February 14, 2013

    This is working great, except if you have an ESXi box on each side – I’ve been trying to solve this for 3 weeks without any luck.
