VMware Cloud Community
dsohal
Contributor

Virtualizing my Web Servers

Hi!

Would appreciate the help with this,

Our Scenario:

Have two Web Servers in the DMZ Zone; the IPs are on the 192.168. subnet,

We have Check Point as the Firewall,

I want to virtualize these servers, and the host is in our domain with a 10.1.121. address

I configured one box as a Host,

As I will need to virtualize these servers and they will be going to the DMZ, I have given a 10.1.121. address to the host,

How can I protect this host (like installing a firewall)?

How do I configure my host to talk to the 192. subnet?

Help is highly highly appreciated,

Thanks,

Dev

5 Replies
weinstein5
Immortal

The ESXi host does not need to be in the DMZ. All you will need to do is configure a virtual switch with physical NICs that are in the DMZ. Once the VMs are created, connect the VMs to the virtual machine port group that is on the vSwitch connected to the DMZ.

If you find this or any other answer useful please consider awarding points by marking the answer correct or helpful
dsohal
Contributor

May I know the steps to configure the switch, please?

dsohal
Contributor

I have a host internal in a domain; I have assigned that as the server console to manage, and it has our internal address.

How will I configure the (virtual) switch to access the DMZ servers, as they are on the 192 subnet?

Thanks,

weinstein5
Immortal

Check out http://pubs.vmware.com/vsphere-50/topic/com.vmware.ICbase/PDF/vsphere-esxi-vcenter-server-50-network... - section 3 describes how to set up and configure Standard Virtual Switches.

Texiwill
Leadership

Hello,

The OP has a common question when people first try to virtualize a DMZ. The issue is the realization that an ESX/ESXi server has built into it multiple trust zones. Those are:

1) Management

2) Storage

3) FT/vMotion

4) Virtual Machines

#4 is where you would place your DMZ virtual machines. While virtual machines CAN and sometimes do belong to the other trust zones, for a DMZ, virtual machines WOULD NEVER belong to those other trust zones. So what this boils down to is the underlying hardware involved. For a DMZ you often want the following:

DMZ pSwitch <-> pNICs <-> DMZ vSwitch <-> DMZ Portgroup <->  DMZ VMs

Many, however, use VLANs instead (External Switch Tagging/EST):

DMZ VLAN <-> pNIC <-> DMZ vSwitch <-> DMZ Portgroups (DMZ VLAN) <-> DMZ VMs.

Or I have seen the following (Virtual Switch Tagging/VST), where all traffic is on the pSwitch (DMZ and any other, all segregated using VLANs):

pSwitch <-> pNIC <-> vSwitch <-> DMZ Portgroup (DMZ VLAN) <-> DMZ VMs

Which you use will depend on your underlying hardware; blades, for example, will use one of the last two, while rack servers can use the first one.

How you implement a DMZ depends on the DMZ network throughout the environment.

One thing to note, however, is that you will need to separate the 3 non-VM basic vSphere trust zones from the DMZ trust zone using some methodology. Usually it's VLANs, but I really like physical separation of some form. I prefer the first networking option but have done the second (EST) methodology myself. Keep as much 'separate' as you can, then segregate the rest.

So in the OP's case, the ESXi host's management appliance would reside in the Management Trust Zone and the VM would reside within the DMZ Trust Zone, with networking similar to the following:

DMZ pSwitch <-> pNICs <-> DMZ vSwitch <-> DMZ Portgroup <->  DMZ VMs

Mgmt VLAN on pSwitch <-> pNIC <-> vmkernel port <-> Mgmt Appliance

Best regards,
Edward L. Haletky
VMware Communities User Moderator, VMware vExpert 2009, 2010, 2011

Author of the books 'VMWare ESX and ESXi in the Enterprise: Planning Deployment Virtualization Servers', Copyright 2011 Pearson Education. 'VMware vSphere and Virtual Infrastructure Security: Securing the Virtual Environment', Copyright 2009 Pearson Education.
vSphere Upgrade Saga -- Virtualization Security Round Table Podcast

--
Edward L. Haletky
vExpert XIV: 2009-2023,
VMTN Community Moderator
vSphere Upgrade Saga: https://www.astroarch.com/blogs
GitHub Repo: https://github.com/Texiwill
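The layouts in the reply above can be checked mechanically. The following is an added example, not code from the thread or from VMware: it models a host's standard vSwitches and port groups as a hand-built data structure (a constructed sample, not pyVmomi output), flags the cases where the DMZ trust zone ends up sharing a broadcast domain with management, storage or FT/vMotion, and prints the esxcli commands that build the DMZ side of the first option. The vSwitch, port-group, vmnic and VLAN names are assumptions; the rule set is this example's own reading of the advice above.

```python
"""Check a host's virtual-network layout for DMZ trust-zone separation and
emit the esxcli commands (ESXi 5.x+ syntax) that build a DMZ standard vSwitch.

Added example, not from the thread or from VMware; the inventory below is a
constructed sample and the rules are this example's interpretation of the post."""

from dataclasses import dataclass, field

INFRA_ZONES = {"management", "storage", "vmotion", "ft"}  # the three non-VM trust zones
UNTAGGED, ALL_VLANS = 0, 4095  # port-group VLAN ID special values (no tag / VGT)


@dataclass
class PortGroup:
    name: str
    zone: str        # "dmz", "internal", or one of INFRA_ZONES
    kind: str        # "vm" or "vmkernel"
    vlan: int = UNTAGGED


@dataclass
class VSwitch:
    name: str
    uplinks: list
    portgroups: list = field(default_factory=list)


def _isolated(a: PortGroup, b: PortGroup) -> bool:
    """Two port groups on one vSwitch are isolated only when both carry a
    distinct, specific VLAN tag (VST); untagged or 4095 gives no isolation."""
    special = {UNTAGGED, ALL_VLANS}
    return a.vlan not in special and b.vlan not in special and a.vlan != b.vlan


def check_separation(switches):
    """Return a list of findings; an empty list means the DMZ stays apart
    from the management, storage and FT/vMotion trust zones."""
    findings, owner = [], {}
    for sw in switches:
        for nic in sw.uplinks:  # a pNIC can only serve one vSwitch; catch template mistakes
            if nic in owner:
                findings.append(f"{nic} is an uplink of both {owner[nic]} and {sw.name}")
            owner[nic] = sw.name
        dmz = [pg for pg in sw.portgroups if pg.zone == "dmz"]
        infra = [pg for pg in sw.portgroups if pg.zone in INFRA_ZONES]
        for pg in dmz:
            if pg.kind == "vmkernel":
                findings.append(f"{sw.name}/{pg.name}: vmkernel port in the DMZ puts the hypervisor itself in the DMZ")
            if pg.vlan == ALL_VLANS:
                findings.append(f"{sw.name}/{pg.name}: VLAN 4095 lets a DMZ guest choose its own VLAN tag")
            for other in infra:
                if not _isolated(pg, other):
                    findings.append(f"{sw.name}: DMZ port group {pg.name} shares a broadcast domain "
                                    f"with {other.zone} port group {other.name}")
    return findings


def esxcli_commands(sw: VSwitch):
    """esxcli commands that create one DMZ vSwitch, its uplinks, a locked-down
    security policy, and its port groups (with VLAN tags where EST/VST is used)."""
    cmds = [f"esxcli network vswitch standard add --vswitch-name={sw.name}"]
    cmds += [f"esxcli network vswitch standard uplink add --vswitch-name={sw.name} --uplink-name={nic}"
             for nic in sw.uplinks]
    cmds.append(f"esxcli network vswitch standard policy security set --vswitch-name={sw.name} "
                "--allow-promiscuous=false --allow-mac-change=false --allow-forged-transmits=false")
    for pg in sw.portgroups:
        cmds.append(f"esxcli network vswitch standard portgroup add --vswitch-name={sw.name} --portgroup-name={pg.name}")
        if pg.vlan != UNTAGGED:
            cmds.append(f"esxcli network vswitch standard portgroup set --portgroup-name={pg.name} --vlan-id={pg.vlan}")
    return cmds


# Constructed sample layouts (switch, port-group, vmnic and VLAN values are assumptions).
MGMT = PortGroup("Management Network", "management", "vmkernel")
PHYSICAL = [  # first option in the post: dedicated pNICs and vSwitch for the DMZ
    VSwitch("vSwitch0", ["vmnic0"], [MGMT]),
    VSwitch("DMZ-vSwitch", ["vmnic2", "vmnic3"], [PortGroup("DMZ-Web", "dmz", "vm")]),
]
VST = [  # third option: one vSwitch, DMZ and management on distinct VLAN tags
    VSwitch("vSwitch0", ["vmnic0", "vmnic1"],
            [PortGroup("Management Network", "management", "vmkernel", vlan=10),
             PortGroup("DMZ-Web", "dmz", "vm", vlan=100)]),
]
FLAT = [  # the mistake the OP is heading for: DMZ VMs on the untagged management vSwitch
    VSwitch("vSwitch0", ["vmnic0"], [MGMT, PortGroup("DMZ-Web", "dmz", "vm")]),
]

if __name__ == "__main__":
    for label, layout in (("physical", PHYSICAL), ("vst", VST), ("flat", FLAT)):
        print(label, check_separation(layout) or "OK")
    print("\n".join(esxcli_commands(PHYSICAL[1])))
```

Run it as-is to see the flat layout flagged and the other two pass; to audit a real host, replace the constructed lists with the vSwitch and port-group inventory pulled from `esxcli network vswitch standard list` or the vSphere API.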