By now I had the ESX hosts and vCenter up and running in vApp, and I even got so far as adding the vESX hosts into vCenter.

Screen Shot 2013-02-11 at 11.10.25  Screen Shot 2013-02-11 at 11.44.47

What I really wanted to do is add vmkernel port to each of the vESX hosts and see if I could mount my NFS/iSCSI storage to them. To do that I would need to weaken the security on the DvSwitch Portgroup I called “ExternalNetworkStorage” at the vINCEPTION0 layer (that’s the layer where my pESX hosts and vCenter reside). I added vmkernel ports to a Standard vSwitch with IP addresses valid for my storage network (172.168.3.x and 172.168.4.x).

Screen Shot 2013-02-12 at 21.28.47

Then enabling SSH to the hosts I tried ping the NetApp and Dell Equallogic storage in my rack. Without change in the security policy – the ping fails, and traceroute indicates it cannot find a path to the pStorage. It tries to use the Management Network IP address ( of the host to communicate to the outside world.

Screen Shot 2013-02-12 at 21.40.26

To fix this I need to change the security policy on the portgroup on the DvSwitch that back the External Network & directly-connected Organization Network that allows this communication to occur.

Screen Shot 2013-02-12 at 21.37.45

Once this configuration was done I could mount my NFS datastores directly on the pStorage layer… I used simple script I borrowed from fellow vExpert Sean Duffy. I also manually enabled iSCSI on each of the hosts, and reconfigured my Dell Equallogic’s to accept connections for the IQN configured on each of the hosts as well…