Id like to update vCenter and ESXI without having a gateway on my Management Network as denoted in vCenter. Instead I would like to update using the second nic connected to vCenter which does have a gateway and allows only vCenter updates though.

 

My lab is air gapped. I dont want to expose management services to the public internet. I will only use this other NIC1 as the update NIC, using vCenter as a ?proxy? tot he ESXI hosts.

 

If I need to I can put a VMK on the ESXI hosts to reach the public as well, but would rather not put Management services on that VMK. This would allow my system to be connected from the Public Network, defeating the idea of Air Gapped – I will only use this second connection while updating vCenter and ESXi hosts.

 

NIC0 – Management Network – No Gateway

NIC1 – DHCP with access to Internet (no management services assigned)

 

Is this possible? Am I missing something?

 

Maybe I should just make a soft proxy vm or something.

 

 

Thanks,

Eric