Setup Steps for Single NIC Hetzner Root Server Running ESXi with pfSense Router

  1. Order a Hetzner Dedicated Root Server with no operating system, called a “Rescue Server”.
    1. Purchase an add-on IP address for the server and request a separate MAC address for it.
    2. Request a LARA Console session from Hetzner with a VMWare ESXi installer USB inserted in the server.
    3. Once LARA Console is started and you are connected, set up RAID on your hard drives if you are going to use it.

  2. Install ESXi to Hetzner root server, in ESXi Developer Tools enable SFTP or SSH.
    1. Transfer your pfSense installation image and other guest operating system images to the server datastore.
    2. Login to the ESXi host control panel using the vSphere Client or Web UI.
    3. On the Configuration tab of the ESXi host, go into the Networking settings.
    4. Create a new Standard Switch, name it “vSwitch1” by default with it’s network named “VM Network 2”.
      (So now you should have a vSwitch0 on VM Network and vSwitch1 on VM Network 2.)

  3. Create a virtual machine named “Router” on the ESXi host with 2 NICS, 1 Core, 1GB RAM, 8GB HDD, OS set to “Other”, and choose FreeBSD OS.
    1. Assign one of the Router virtual machine NICs to “VM Network” and the other to “VM Network 2”.
    2. Assign a CD/DVD Drive to the Router virtual machine and point it to the pfSense image transfered to the datastore.
    3. Power on the Router Virtual Machine and install pfSense with all the default settings.
      (You will end up with one NIC acting as WAN using your Hetzner main IP and one NIC acting as LAN with no IP.)

  4. Create another virtual machine on the ESXi host with your desired main operating system and NIC on VM Network 2.
    1. Install your operating system to the “Main VM” and start it, you should have local network access but no internet access.
    2. Open the Main VM’s web browser and go to the pfSense UI url, which is http://192.168.1.1. by default.
    3. Login to pfSense with the default credenital “admin” and “pfSense”, start the pfSense setup wizard/walkthrough.
    4. When setting up LAN, choose the option to Spoof MAC Address and enter the MAC from the Add-on IP bought from Hetzner.
      1. (Do NOT manually set Static IP, use MAC Address Spoofing and ONLY enter the MAC Address… learn from my mistakes.)
  5. Restart the Router VM – the Main VM should now have a local IP, an external IP, and internet access!

That’s it! The process really is simple, the main bulk of time spent will be waiting on OS iso’s to transfer to the ESXi datastore plus a bit of time for the actual OS installations.

Please comment below with any questions, suggestions, or anything else!


Hetzner VMWare ESXi Install Over Lara Console Drive Redirection Error

I rented a rescue/root server from Hetzner and was attempting to install VMWare ESXi to it via LARA Console. After Waiting 45+ minutes for the .iso to transfer and load via Drive Redirection, the ESXi image booted successfully and the install process started.

Hetzner Root Server - ESXi Install Over LARA Console
Hetzner Root Server – ESXi Install Over LARA Console

Then, as my luck would have it, an error occurred with a crazy purple screen I had never seen before:

Hetzner Root Server - ESXi Install Over LARA Console Error
Hetzner Root Server – ESXi Install Over LARA Console Error

So what was the solution? Ask Hetzner to put a ESXi image on usb for you to use. 😀

How I Learned That Not All Hetzner Root Servers Are the Same!

A while back I installed VMWare ESXi 6.5 on some Root Servers from Hetzner. The majority that I setup were Hetzner EX41S-SSD builds but I also did a Hetzner PX91-SSD build.

The first few EX41S-SSD servers took VMWare ESXi 6.5 fine without problem – the only thing I’d suggest is having Hetzner put a 6.5 image on usb for you to use since loading a remote image through LARA Console doesn’t work too well.

Then I did a PX91-SSD server and had to downgrade to 5.5 in order to solve a Datastore connection issue. The PX91-SSD servers are in a different datacenter than the EX41S-SSD servers that I was used to, so this really isn’t surprising.

Hetzner PX91-SSD VMWare Lost Connection to Volume on Datastore
Hetzner PX91-SSD VMWare Lost Connection to Volume on Datastore
Hetzner PX91-SSD VMWare Lost Connection to Volume - Windows Performance
Hetzner PX91-SSD VMWare Lost Connection to Volume – Windows Performance
Hetzner PX91-SSD VMWare Lost Connection to Volume - pfSense Performance
Hetzner PX91-SSD VMWare Lost Connection to Volume – pfSense Performance

The surprise came when I was setting up another EX41S-SSD server and I had to downgrade to 6.0 from the usual 6.5 because the NIC card in this EX41S-SSD wasn’t supported by 6.5 even though other EX41S-SSD servers run 6.5 just fine. I should note that I couldn’t get 6.0, or even 5.5, to work myself and was about to just install Windows and run VMWare Workstation when a Hetzner support specialist offered to get 6.0 working for me. I assume he used a custom ESXi 6.0 image that had the missing NIC drivers that the regular image was missing.

Hetzner EX41S-SSD VMWare ESXi 6.5 Unsupported NIC
Hetzner EX41S-SSD VMWare ESXi 6.5 Unsupported NIC

So.. in conclusion.. even though you may order two servers with the same name from Hetzner, you may not be getting two physically identical servers with the same hardware – especially with the EX server packages running residential grade hardware and Skylake/Haswell CPUs.