Need help with a firewall setup

[digipen79]

I have Proxmox installed on an old Dell R630, with a quad NIC setup. I want to have my modem connected to port 1 with DHCP, as my ISP doesn't allow for static IPs for residential customers, pass that through to my opnsense VM, out the VM on port 2 to my main Unifi router, then back in on port 3 for the rest of my VMs as well as for Proxmox management.

Any thoughts on the best way to go about doing this?

 

[bl1mp]

Well, if I understand it correctly, that should be a simple setup.

Just create:
- a vmbr1 on port1 of the R630 and connect the OpenSense VM one nic to that bridge. (let the OpenSense do the DHCP request, PVE won't be accessible on that vmbr, because it does not have a own ip.)
- a vmbr2 on port2 of the R630 and pass that to the Unify Router. ( pot. with static IPs for both of them and no IP on the bridge directly)
- a vmbr3 on port3 (assign a static IP-Address directly on the vmbr of the proxmox ve host [in the network section of the GUI or in /etc/network/interfaces])
The static should not be conflicting with a potential DHCP-Range, if you activate DHCP within your network)
Assign the network interfaces of all other VMs to the vmbr3. So they will only see each other, the pve host, the network connected to internal nic of the
Unifi router.

BR, Lucas

PS: If you run in some configuration issues with the OpenSense, you can also try OpenWRT and Vyos as Routing OSes