Evening,
Sorry about the delay. I had a few major transitions at work and downtimes back to back. It looks like you have solved most of the issues. When you can get out but not back in it's one of two things gateway or subnet issues. Glad it worked out.
On your question about best practice it really depends on your requirements.
Normally you setup something like this:
Management network would contain vsphere and any esxi hosts
Virtual machine network with virtual machines. The vcenter / hosts don't need a nic in this network or anything they control vm's via virtual hardware chip and vmware tools.
Normally it's a best practice to separate vmotion and management but I avoided it on the original design in order to provide max ports for virtual machines and NFS based storage.
Please provide more details if you have additional questions and I'll get to it right away.
Thanks,
J