Heh...
Drugs are the best resort sometimes...
Assuming you use ADSL, you want your modem in bridged mode
Setup two vswitches on esxi each one with its own real NIC
One will be the WAN side, one will be the LAN side.
In Sophos settings add one NIC from WAN, one from LAN
Connect an Ethernet cable from your modem to the WAN real NIC
While on Sophos initial configuration, if your modem is ADSL (like in my case), choose PPPOE for the WAN interface and fill necessary credentials
P.S.: As an alternative you could pass through the real NIC to Sophos
P.P.S: I personally prefer Sophos (my internet gateway in general) as a standalone machine. Messing with esxi won't cause internet interruptions
If your modem is a cable modem, I will let others comment about modem configuration, as I don't know
I hope I haven't confused you more..
Edit:
@joeschmuck beat me (by far) to it (writing on mobile is not my best of skills)