Need help with PfSense / vlan setup on Proxmox

G

Gray wolf

Active Member
Jul 26, 2017
7
0
41
32
Hey all, I'm trying to setup pfsense on Proxmox and my network is like this: ISP router > PfSense > Lan > managed switch

The lan interface has an IP of 10.0.0.0/24 and the vlan10 is 192.168.1.0/24. Both have been configured on Pfsense and good to go. However, I'm having trouble when connecting to switch.

The lan interface of pfsense is connected to port 1 of switch, and I want port 3 and 4 to be vlan 10... Do i need to make any interface vlan aware on proxmox and do i need to tag port 1, and untagged 3-4 on switch (or vice versa)?
 
It sort of depends on how you have Proxmox configured. Are you virtualizing pfSense or running it on a separate device? When I had pfSense running virtualized on Proxmox, I did it the super simple way: I installed two extra NICs and passed them through to pfsense. So my internet WAN came in through one dedicated/passed through NIC and my LAN went out through the other passed through/dedicated NIC back to the switch. Then I had a third NIC that was dedicate to the Proxmox install itself. I am not sure if you are doing something like that or if you are sharing any NIC through setting up virtual interfaces.

Regardless of your approach, your LAN interface out of pfSense needs to go into a trunked/tagged port in your managed switch (with a PVID of 1, or whatever your management VLAN is in the switch). Likewise if you are setting up a VLAN aware bridge on Proxmox, then the port(s) that feed that bridge need to be trunked/tagged as well. That way all of the traffic for all VLANs will be passed to the proxmox bridge.

If on the other hand you want a port or set of ports to be dedicated to VLAN 10, you would set those ports to be untagged/access ports, with a PVID of VLAN10

On my Proxmox nodes, I have one NIC, and it is tagged as a bridge port to a VLAN aware bridge. And then I have a second, virtual bridge (vmbr0.100) that is set to my VLAN dedicated to Proxmox hosts, and the IP address is the one I use to log into the Proxmox web interface.

iface lo inet loopback

iface enp3s0 inet manual

auto vmbr0
iface vmbr0 inet static
bridge-ports enp3s0
bridge-stp off
bridge-fd 0
bridge-vlan-aware yes
bridge-vids 2-4092

auto vmbr0.100
iface vmbr0.100 inet static
address 10.10.100.2/24
gateway 10.10.100.1
Click to expand...
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back