We need to move the VIPMAIL server to the DMZ zone, which first requires creating a virtual VLAN (to separate the MAIL server) in the form of an additional vSwitch or Virtual Machine Port Group.
In exhibit B, we moved the VIPWEB server out to the DMZ by creating an additional vSwitch1, but that removed the NICs from their original failover state as shown in exhibit A.
vmnic0 and vmnic1 are physical NICs that connect to the Cisco switch. In exhibit B, vmnic0 is connected to Cisco switch VLAN 10 and vmnic1 to VLAN 20 on the same physical switch.
The firewall takes care of the rest.
QUESTIONS:
Is it possible to move VIPMAIL to a vDMZ (VLAN 20) Port Group instead of creating a new vSwitch, to preserve the NICs' failover state?
If yes, how would the NICs be physically connected to the Cisco switch? How would they know which vmnic0/1 routes traffic and where?
Exhibit B is a good working solution, but it separates the NICs. What is the best way to accomplish the desired VIPMAIL move?