I am moving my farm (2 Dell's R620) to a co-location hosting service.

I am trying to figure out the secure way to have my network settings

The requirements are:

• VM1 is the working HOST, includes: esxi 5.1, vSphere, 4 clients (w2008r2 all)
• VM2 has esxi 5.1 installed, and a single machine with Veeam Backup and copy 6.5 - keeping a copy of VM1 clients on the VM2 internal storage (this solution is due to a very small budget - in case of failure on Host 1 - can redirect IP's)
• Only 2 VM clients require network address and access from the WWAN - ISP provides IP's range for them (with Gateway and DNS)
• I need connection to the iDrac's from my office (option to create a VPN-SSL tunnel)
• Connection to the vSphere appliances

• I want to be able to RDP to the VM clients

• The current configuration is that each host has the iDrac dedicated nic connected , and another (NIC #1) connected - with a static IP on 192.168.3.x

• The iDrac's have a static IP from the same network range (19.168.3.x)

It will look something like this:

My thoughts:

• On NIC#2 of both hosts I will connected a crossed cable
• I will give each VM clients that needs internet access a 2ndry VM network with the assigned IP from the ISP open only to web - can not access from the

My Question:

• Should I give IP's (external) to the machines who DO NOT require WWAN Access? - I can't see a way to RDP to them directly if not.

• Should I use the crossed cable? or just plug NIC #2 to the switch?

• Will this setup even work? What do I need to verify?

• What Virtual nic's and/or switches should I create on the Hosts?