I'm setting up Proxmox server with pfSense as a VM to act as the main gateway/firewall. The system is in a remote location with a single ISP connection in passthrough mode providing a public IP.
My concern: If the pfSense VM becomes inaccessible, I could lose remote management access to the Proxmox host itself since pfSense would be the gateway under Proxmox.
Network layout:
- Onboard NIC for management (LAN: 10.0.0.251/24)
- NIC port 1 for WAN (ISP connection with public IP)
- NIC port 4 for LAN (internal network)
What's the most "Proxmox-native" way to ensure I maintain management access to the host even if the pfSense VM fails? I want to implement this following Proxmox best practices without introducing complicated custom configurations that might break during updates.
I've researched using Proxy ARP as a potential solution, but everything I've found seems to fall outside of normal Proxmox methodology. Is there a standard approach to solving this single-public-IP gateway redundancy problem?
My concern: If the pfSense VM becomes inaccessible, I could lose remote management access to the Proxmox host itself since pfSense would be the gateway under Proxmox.
Network layout:
- Onboard NIC for management (LAN: 10.0.0.251/24)
- NIC port 1 for WAN (ISP connection with public IP)
- NIC port 4 for LAN (internal network)
What's the most "Proxmox-native" way to ensure I maintain management access to the host even if the pfSense VM fails? I want to implement this following Proxmox best practices without introducing complicated custom configurations that might break during updates.
I've researched using Proxy ARP as a potential solution, but everything I've found seems to fall outside of normal Proxmox methodology. Is there a standard approach to solving this single-public-IP gateway redundancy problem?