pfsense VM and proxmox firewall

F

fox95

New Member
Apr 14, 2022
9
0
1
I have a server with prox mox installed and a virtual machine of pfSense running on it for the firewall for my network.

what I am curious to know is what is the best way to configure the proxmox fire walls? should i just enable the “datacenter” firewall? or just the fire wall on the “node” or just the firewall on the VM? or all? or none?

would i be correct in thinking that it’s redundant and unnecessary to enable any of the proxmox firewalls since my WAN comes in through the NIC to the pfsense VM?

thanks
 
Your pfsense can only firewall between the subnets, so for example between WAN->LAN or LAN->DMZ. It can't firewall any communication inside a subnet. For that you got the PVE firewall.
 
  • Like
Reactions: fox95 and hmohr
Dunuin said:
Your pfsense can only firewall between the subnets, so for example between WAN->LAN or LAN->DMZ. It can't firewall any communication inside a subnet. For that you got the PVE firewall.
Click to expand...
Thanks Dunuin! I wasn't aware of the utility of PVE Firewall.

So..

Pfsense for inbound and outbound connections
PVE firewall for local comunication


Also you can checkout to use nic passtrought, if desired
 
  • Like
Reactions: fox95
Good Morning,

wanna push again this post to understand what i'm doing wrong.
I've setup proxmox8 with 1 public IP and pfSense as router. As long i have never turn on the proxmox firewall, i've access to the internet (with pfsense and ofc the installed VMs).

Once i have activated the proxmox firewall, i have nowhere internet connection. Also when i turn off the firewall again. Tried also the cmd via `pve-firewall stop` but it doesn't help.

Before, when the firewall was activated, i added rules for http, https, ssh and ofc the webinterface to the datacenter firewall rules. I also tried to accept all incoming and outcoming traffic but still have no internet access.

Whould be nice to understand, what i'm doing wrong and where is my fallacy. Thanks in advance.
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back