Do I disable node firewall if using pfSense as firewall?

[firerobin]

If using a pfSense VM as my firewall, should I disable the proxmox firewall in that node? Does not doing this have any impact on network performance?

Thanks!

 

[LnxBil]

If using a pfSense VM as my firewall, should I disable the proxmox firewall in that node?

Depends on your network layout, but normally, one pfSense VM cannot filter everything. The firewall in PVE is at multiple levels: Datacenter, Node and VM. To get the same potential security, you would need to have a pfSense in front of every VM of have #VMs network interfaces, each connected to a VM.

Does not doing this have any impact on network performance?

The number of default entries is very small, so the impact on performance is negligible.

 

[firerobin]

Depends on your network layout, but normally, one pfSense VM cannot filter everything. The firewall in PVE is at multiple levels: Datacenter, Node and VM. To get the same potential security, you would need to have a pfSense in front of every VM of have #VMs network interfaces, each connected to a VM.



The number of default entries is very small, so the impact on performance is negligible.

Thank you for your reply.

My setup is pretty basic at the moment. Just one node with only pfSense installed. One unmanaged switch feeding my LAN connections. Looking to expand on that, but first I'd like to iron out the wrinkles with the router. Latency and wifi performance have been an issue and I wasn't sure if anything within my pve could influence that.