Creating a DMZ

[Henry]

Our PVE server has 2 nics, one for internet and one for internal LAN

We run pfsense as a VM and all works well.

I would now like to add a VM in a DMZ however am unsure of how to create the DMZ. I imagine I would require a 3rd linux bridge that the DMZ VM would connect to however as I already have my 2 nics connected to 2 linux bridges I am stuck...

 

[manu]

it depends on what you want to put in the DMZ.
If you only want to put VMs there, create a 3rd bridge and connect the DMZ VMs to this bridge and only this bridge
If you want to have other servers/physical devices to be in the DMZ, yes you will need a third physical NIC to add to this bridge.