You perform this procedure on all unassigned ESXi hosts in the SDDC inventory to configure non-native VLAN ID, Virtual Guest Tagging (VGT), and unreserved VLAN ID on all the port groups on the standard switch.

These controls apply only to unassigned hosts in VMware Cloud Foundation. An unassigned host is a host that is commissioned but not assigned to a workload domain. Once the host is added to a VMware Cloud Foundation workload domain, the standard switch on the host is removed and the host is added to a distributed switch.

The following configurations address ESXi standard switches only. Distributed switches are addressed in the Securing vCenter Server section (see Securing vCenter Server). If your environment does not have ESXi hosts with standard switches, you can skip this procedure.

Procedure

  1. Log in to the unassigned ESXi host you want to reconfigure by using a PowerCLI console and provide the credentials. 
    Connect-VIServer -Server host-fqdn​​ -Protocol https
  2. Configure VLAN settings on the standard switch.

    Configuration ID

    Description

    VMW-ESXI-01103

    Configure port groups on standard switches to a value other than that of the native VLAN.

    VMW-ESXI-01104

    Do not configure the port groups on standard switches to VLAN 4095 unless Virtual Guest Tagging (VGT) is required.

    VMW-ESXI-01105

    Do not configure the port groups on standard switches to VLAN values reserved by upstream physical switches.

    		 
    Get-VirtualPortGroup -Name "portgroup name" | Set-VirtualPortGroup -VLanId "New VLAN#"