DMZ and Guest's - All Traffic Appears to come from Switch IP?

C

csmall

New Member
Aug 18, 2018
2
0
1
47
I have a single proxmox node behind a pfsense firewall.

I just added a DMZ interface to the pfsense firewall, plugged the cable from the DMZ interface into an empty switch, and plugged another NIC on the proxmox node into the same switch.

I added a new vmbr1 bound to the NIC that is plugged into the DMZ switch. The vmbr1 has no IP assigned, just the bound port.

I added a new NIC to the guest vm's and removed the original NIC. I then configured the guest vm's to have DMZ addresses.

Traffic is flowing and I can see that my firewall rules are working as I change them and test things so that is great.

My only issue right now is that all traffic appears to come from the switch IP. qemu agent reports the IP of the switch in each guest instead of the IP assigned to the guest. The firewall log in pfsense shows all of the traffic for the DMZ interface as coming from the switch IP as well.

How can I make it so the IP of the guest VM is what is shown my qemu agent and more importantly that the firewall see's the traffic as coming from the guest instead of the switch? I'm a little confused.
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back