Many years ago, with the help of some folks in a specialty forum, I built my own custom home networking setup with a virtualized firewall running on a Linux box. That has worked fantastically for me over the years, but the pieces of that are well aged, and I also recently discovered some quirk in the configuration is limiting my downstream throughput. So I'd like to modernize my setup - starting with Proxmox. I'd like a sanity check on my plans here for my install and any suggestions for improvements/refinemens/"Oh don't DO that's" to my approach. No networking guru here - know just enough to get myself in trouble sometimes LOL 
My main box is connected to the Internet via a cablemodem (no alternatives yet, dang it). My curren box is an *old* Ubuntu server install with a virualized open-souce Smoothwall (under VirtualBox). Then I discovered Proxmox and pfSense and that instantly became my migration model. Here's my plan (server has three 1Gb NICs):
1. Install proxmox as the boot OS on an SSD. Enable iommu and reboot. Allow it to snag the IP from the cablemodem (external facing NIC), then assign a local IP as the management interface so I can access the GUI.
2. Build a VM (intended to serve as the host for pfSense) and passthrough the external-facing NIC as one network port, which should then carry it's MAC to the new VM. Assign another port to the virtual bridge to my internal LAN.
3. Reboot Proxmox
4. Mount the pfSense installer into its VM, boot and proceed with its configuration.
It doesn't seem terribly complicated on the face, just working through a few uncertainties about accessing the proxmox web GUI along the way. I'd also like to block the management port from the external NIC just during the early stages of the install because it will be exposed (at least temporarily) until I get the NIC passed through and the pfSense VM going.
Once this is up, I plan to fire up TrueNAS to modernize my storage, but that's obviously beyond this iniial setup scope.
My thanks for any assistance.
My main box is connected to the Internet via a cablemodem (no alternatives yet, dang it). My curren box is an *old* Ubuntu server install with a virualized open-souce Smoothwall (under VirtualBox). Then I discovered Proxmox and pfSense and that instantly became my migration model. Here's my plan (server has three 1Gb NICs):
1. Install proxmox as the boot OS on an SSD. Enable iommu and reboot. Allow it to snag the IP from the cablemodem (external facing NIC), then assign a local IP as the management interface so I can access the GUI.
2. Build a VM (intended to serve as the host for pfSense) and passthrough the external-facing NIC as one network port, which should then carry it's MAC to the new VM. Assign another port to the virtual bridge to my internal LAN.
3. Reboot Proxmox
4. Mount the pfSense installer into its VM, boot and proceed with its configuration.
It doesn't seem terribly complicated on the face, just working through a few uncertainties about accessing the proxmox web GUI along the way. I'd also like to block the management port from the external NIC just during the early stages of the install because it will be exposed (at least temporarily) until I get the NIC passed through and the pfSense VM going.
Once this is up, I plan to fire up TrueNAS to modernize my storage, but that's obviously beyond this iniial setup scope.
My thanks for any assistance.