IPCop 2.X on Proxmox 2.0

[FuriousGeorge]

I setup eth1 on my host as follows:

[COLOR=#000000][FONT=verdana]# network interface settings[/FONT][/COLOR]
[COLOR=#000000][FONT=verdana]auto lo[/FONT][/COLOR]
[COLOR=#000000][FONT=verdana]iface lo inet loopback[/FONT][/COLOR]

[COLOR=#000000][FONT=verdana]iface eth0 inet manual[/FONT][/COLOR]

[COLOR=#000000][FONT=verdana]iface eth1 inet manual[/FONT][/COLOR]

[COLOR=#000000][FONT=verdana]auto vmbr0[/FONT][/COLOR]
[COLOR=#000000][FONT=verdana]iface vmbr0 inet static[/FONT][/COLOR]
[COLOR=#000000][FONT=verdana]   address  192.1.1.10[/FONT][/COLOR]
[COLOR=#000000][FONT=verdana]   netmask  255.255.255.0[/FONT][/COLOR]
[COLOR=#000000][FONT=verdana]   gateway  192.1.1.254[/FONT][/COLOR]
[COLOR=#000000][FONT=verdana]   bridge_ports eth0[/FONT][/COLOR]
[COLOR=#000000][FONT=verdana]   bridge_stp off[/FONT][/COLOR]
[COLOR=#000000][FONT=verdana]   bridge_fd 0[/FONT][/COLOR]

[COLOR=#000000][FONT=verdana]auto vmbr1[/FONT][/COLOR]
[COLOR=#000000][FONT=verdana]iface vmbr1 inet manual[/FONT][/COLOR]
[COLOR=#000000][FONT=verdana]   bridge_ports eth1[/FONT][/COLOR]
[COLOR=#000000][FONT=verdana]   bridge_stp off[/FONT][/COLOR]
[COLOR=#000000][FONT=verdana]   bridge_fd 0[/FONT][/COLOR]

I then started pfSense and was able to get into the web configurator through the LAN interface (eth0), however I can't get an IP from my modem on the WAN interface (eth1).

I see the interface in ifconfig, and I see some bytes (but no packets) sent / received.

I tried switching the interfaces in my nodes settings, switching the cables, restarting the node, and seeing if the LAN interface (now on eth1) was accessible. It was not. Of course, I could not get into Proxmox either, as I thought it should work irrespective of the host's settings.

So, that makes me thing the problem is following the interface.

I can't think of anything else I could do, other than troubleshooting by messing with the host's settings, but I have a feeling there is something simple that I might be overseeing.

Thanks in advance for the help.

 

[badji]

I setup eth1 on my host as follows:

[COLOR=#000000][FONT=verdana]# network interface settings[/FONT][/COLOR]
[COLOR=#000000][FONT=verdana]auto lo[/FONT][/COLOR]
[COLOR=#000000][FONT=verdana]iface lo inet loopback[/FONT][/COLOR]

[COLOR=#000000][FONT=verdana]iface eth0 inet manual[/FONT][/COLOR]

[COLOR=#000000][FONT=verdana]iface eth1 inet manual[/FONT][/COLOR]

[COLOR=#000000][FONT=verdana]auto vmbr0[/FONT][/COLOR]
[COLOR=#000000][FONT=verdana]iface vmbr0 inet static[/FONT][/COLOR]
[COLOR=#000000][FONT=verdana]   address  192.1.1.10[/FONT][/COLOR]
[COLOR=#000000][FONT=verdana]   netmask  255.255.255.0[/FONT][/COLOR]
[COLOR=#000000][FONT=verdana]   gateway  192.1.1.254[/FONT][/COLOR]
[COLOR=#000000][FONT=verdana]   bridge_ports eth0[/FONT][/COLOR]
[COLOR=#000000][FONT=verdana]   bridge_stp off[/FONT][/COLOR]
[COLOR=#000000][FONT=verdana]   bridge_fd 0[/FONT][/COLOR]

[COLOR=#000000][FONT=verdana]auto vmbr1[/FONT][/COLOR]
[COLOR=#000000][FONT=verdana]iface vmbr1 inet manual[/FONT][/COLOR]
[COLOR=#000000][FONT=verdana]   bridge_ports eth1[/FONT][/COLOR]
[COLOR=#000000][FONT=verdana]   bridge_stp off[/FONT][/COLOR]
[COLOR=#000000][FONT=verdana]   bridge_fd 0[/FONT][/COLOR]

I then started pfSense and was able to get into the web configurator through the LAN interface (eth0), however I can't get an IP from my modem on the WAN interface (eth1).

I see the interface in ifconfig, and I see some bytes (but no packets) sent / received.

I tried switching the interfaces in my nodes settings, switching the cables, restarting the node, and seeing if the LAN interface (now on eth1) was accessible. It was not. Of course, I could not get into Proxmox either, as I thought it should work irrespective of the host's settings.

So, that makes me thing the problem is following the interface.

I can't think of anything else I could do, other than troubleshooting by messing with the host's settings, but I have a feeling there is something simple that I might be overseeing.

Thanks in advance for the help.

Ipcop or pfsense?

whatever, I do not understand your question. a firewall like pfsense, ipcop or vyata it can be installed on a dedicated server as a firewall, it has nothing to do with Proxmox.

thank you

Badji

 

[mir]

IPCop != pfsense.

For the record: IPCop can be installed in a VM but the current stable version does not support virtio so you must choose emulated network (e1000) and emulated disk (ide).

 

[FuriousGeorge]

Sorry for the confusion.

I meant to say "pfSense" the whole time. However, I'm much more familiar with IPCop, so I said "IPCop" by habit.

In the end I found that another firewall / distro (specifically "IPCop") worked for me out of the box, so I went with that.

I suspect that I somehow messed up the pfSense installation (first timer here). I'll give it another shot next time.

 

[badji]

IPCop != pfsense.

For the record: IPCop can be installed in a VM but the current stable version does not support virtio so you must choose emulated network (e1000) and emulated disk (ide).

Ipcop it is not pfsense
Ipcop = linux with iptable
pfsense = FreeBSD with PF ( PacketFilter)

For production solutions better avoid making Firewall VT, evidence Project Proxmox canceled here firewall module.
I use pfsense as a gateway into production with proxmoxve or with OpenStack adding HAproxy to route http.

Sorry I do not believe in an architecture with a firewall VM

thank you.