Hi,
I'm quite new to Proxmox but I already like it a lot! At the moment I'm planning to create the following setup:
There's one dedicated Proxmox server which serves one firewall (pfSense) and a few application VMs/CTs. The firewall has two network devices. One connected to vmbr0, which is connected to eth0. eth0 is the only physical interface. The firewall's second network device is connected to vmbr1. Every other VM is connected to vmbr1 too. This way I have an internal network with a dedicated firewall. To access the internal network, the firewall provides an OpenVPN service. This works great so far.
Now I noticed that, if one of the VMs on the internal network got hijacked, the attacker would have bypassed the firewall and it might be easier for him to access other servers. One possible solution would be to add one bridge per VM and add another network device for every VM to the firewall. The problem with that is that I would have to reboot the firewall every time I create a new VM. I also thought about some quite simple iptables statements on the VM host to deny "cross-VM" communication. But this is also a bad idea, because public services should be reachable. Also I would have to maintain two different firewalls. Finally I spent a few hours fiddling around with Open vSwitch and VLANs, but it seems not to integrate very smoothly with Proxmox.
What do you think is the best solution for my problem?
Thanks for reading!
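As an added example (not part of the original post, and not Proxmox's or pfSense's own documentation), the following script shows how the setup described above can be rebuilt on a single VLAN-aware Linux bridge instead of one bridge per VM: every application VM gets its own VLAN tag on vmbr1, and pfSense keeps one untagged trunk port on the same bridge, so a new VM only needs a new VLAN sub-interface inside pfSense rather than a new NIC and a reboot. The names and numbers are assumptions: vmbr1 as the internal bridge, pfSense as VM 100, application VMs 101 and 102 using their VM ID as VLAN tag, and the hyphenated ifupdown2 option syntax of current Proxmox releases.

```shell
#!/bin/sh
# Added example, not from the original post or from Proxmox/pfSense.
# Per-VM VLAN isolation behind pfSense on one VLAN-aware Linux bridge.
# Assumed (hypothetical) names: vmbr1 = internal bridge, pfSense = VM 100,
# application VMs use their VM ID (101, 102, ...) as their VLAN tag.

INTERNAL_BRIDGE=vmbr1
PFSENSE_VMID=100
VLAN_MIN=2
VLAN_MAX=4094

# /etc/network/interfaces stanza for the internal bridge: no physical port,
# VLAN filtering enabled, every tag in the range permitted on the bridge.
internal_bridge_stanza() {
    cat <<EOF
auto $INTERNAL_BRIDGE
iface $INTERNAL_BRIDGE inet manual
    bridge-ports none
    bridge-stp off
    bridge-fd 0
    bridge-vlan-aware yes
    bridge-vids $VLAN_MIN-$VLAN_MAX
EOF
}

# netX option for an application VM: the guest sees untagged traffic, the
# bridge port is an access port for tag=<vmid>, so the VM can only reach
# the pfSense VLAN sub-interface with the same tag, never a sibling VM.
app_vm_net_arg() {
    vmid=$1
    echo "virtio,bridge=$INTERNAL_BRIDGE,tag=$vmid"
}

# netX option for pfSense's internal NIC: with neither tag= nor trunks= set,
# Proxmox makes the port a trunk for the whole bridge-vids range, so adding
# a VM later does not touch this device (no firewall reboot).
pfsense_trunk_arg() {
    echo "virtio,bridge=$INTERNAL_BRIDGE"
}

# Push the settings to the host with qm. Only runs when the script is
# invoked as "./isolate.sh apply 101 102"; otherwise it just prints them
# so they can be reviewed first.
apply_config() {
    qm set "$PFSENSE_VMID" --net1 "$(pfsense_trunk_arg)"
    for vmid in "$@"; do
        qm set "$vmid" --net0 "$(app_vm_net_arg "$vmid")"
    done
}

if [ "${1:-}" = "apply" ]; then
    shift
    apply_config "$@"
else
    internal_bridge_stanza
    echo "pfSense net1: $(pfsense_trunk_arg)"
    for vmid in 101 102; do
        echo "VM $vmid net0: $(app_vm_net_arg "$vmid")"
    done
fi
```

Inside pfSense, create one VLAN on the trunk NIC per tag (Interfaces > Assignments > VLANs), give each its own subnet and firewall rules, and publish services with the same NAT port-forwards as before; all VM-to-VM traffic then has to be routed through pfSense, where the rules apply, and a hijacked VM has no layer-2 path to its neighbours. For LXC containers the equivalent setting is `pct set <ctid> --net0 name=eth0,bridge=vmbr1,tag=<ctid>`. To confirm the isolation on the host, run `bridge vlan show` and check that each `tap<vmid>i0` port lists only its own VID as PVID/untagged while the pfSense tap port lists the full range.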