IP tunnel in node or VM

[janos]

Hello,

I would like to connect 3 Proxmox server over internet to a central mikrotik router, to extend our internal network (in routed mode). (not for connecting to each proxmox, these are standalone proxmox servers)

This is an easy thing with IPIP tunnel. What i don't know, where i create the tunnel? On the proxmox node itself, or create a VM and run the tunnel into that?

If a VM, i think it have 2 interface, one for net, one for internal network with tagged traffix, what i can extract on the host itself and other vm-s etc (or create separate bridge per vlan, i dont know, but this is doesnt matter).

What is the usual, and stable way for this? VM or node?

Thanks!

 

[bobmc]

I've done this by installing pfSense as a VM. This seems to be simplest and cleanest way to do it. While you could install VPN packages on the proxmox host, using pfSense as a VM to provide the IPSEC or OpenVPN links is much easier to manage as there is a very intuitive GUI and good documentation on settings things up.

There's a good article on the NetGate website specifically about setting up pfSense under Proxmox.

Make the pfSense LAN IP the default gateway for the proxmox host and guests and you should be good to go.

 

[janos]

Hi,

IPIP is not a VPN and not need any extra packages for this.

Finally i configured it on the host level (its easy to do in network config file), because in this case when node up (and it have network) i can reach it via the tunnel.