This section is an overview of how you deploy an ESXi gateway within your network.
If you want a gateway hosted in Amazon Web Services, skip this section. We'll guide you through all the configuration you need later.
You can deploy an ESXi gateway as a one-arm or two-arm proxy.
One-arm proxy deployment uses the WAN (external interface) for both incoming and outgoing traffic through the firewall. It minimizes changes to your infrastructure.
Two-arm proxy deployment uses both WAN and LAN (external and internal interfaces). This requires infrastructure changes but provides the best security and throughput.
You can also choose whether the gateway connects to the firewall's LAN or DMZ, or (for two-arm) to the cloud.
Click on one of the tabs below to see the network configuration you can use for each deployment type.
Here are the configurations for one-arm deployments.
One-arm gateway connects to firewall LAN
One-arm gateway connects to firewall DMZ
Here are the configurations for two-arm deployments.
Two-arm gateway connects to firewall LAN: Load balancing by gateway cluster or firewall
Two-arm gateway connects to cloud: Load balancing by gateway cluster
Two-arm gateway connects to firewall DMZ