Correct Nic Configuration for WAN and LAN with Firewall

[sunghost]

Hi,
i want to use pfsense as firewall and for my wan ppoe nat configuration. actually i have configured in proxmox 2 nics vmbr0 for lan (192.xxx) and vmbr1 (10.xxx) for wan both as bridge network. in pfsense i have two nics as bridge too, net0->vmbr0 and net1->vmbr1. my question is about security and the correct configuration of the nics. should i and when which nic, should i configure for nat if i want to activate it in pfsense?

 

[tom]

this question is too general and there is no simple answer. thats the reason why no one answered so far.

 

[sunghost]

Hi Tom,

ok but i think thats not as special, because i want to simply use a second eth only for pppe out of vmbr. And the question about security is, how to configure the second eth and the vmbr for the virtual machine. should i use the vmbr still as bridge and configure the vm with nat or must the vmbr configure as nat too? should i use it as host only? my concerns are that another vm could use the second nic, while it is confiured as bridge, as well and go around the firewall.