One Public IP on a dedicated server

[albgen]

Hello,

i have installed proxmox and the current configuration is the default one, so one ethernet port eno1 and one linux bridge vmbr0 which has as bridge port set to the interface eno1. The public ip address is setup on the bridge. i can reach the proxmox interface on the public ip address.

I have created a new bridge interface called vmbr1, and a pfsense VM. The pfsense has the wan port on vmbr0 and the lan port on vmbr1. Than, i have created a vm and connected on the lan of pfsense...
The problem is that the vm on the does not have internet acccess.

What i want is to have something like the following: the same config but the public ip address on the pfsense so the VMs on the LAN part to be able to have connection.
Is this possible with one only public ip address? if this is possible than how can i reach the proxmox web interface?

thank you

 

[H4R0]

It's possible but very tricky to setup. It's definitely not for beginners you must be familiar with linux and networking.


It will work something like that:

You will first have to give your proxmox the public ip.

Setup a second interface for managment on proxmox and give proxmox a ip in it, any private subnet will work.

Add both interfaces wan and management to pfsense, in the install wizard setup pfsense only with the management interface for now.

You can use a ssh tunnel now to connect to the pfsense web interface for further configuration.


First disconnect the wan nic in vm hardware advanced options so pfsense can not connect via wan for now.

Configure pfsense with the puplic ip on wan, setup gateway and nat.

Create a third interface for the lan subnet that vm's will use and configure dhcp, dns etc.

Setup firewall rules, allow traffic for port 8006 to proxmox and setup port forwarding.


Then shutdown pfsense, connect the nic, enable autostart and remove the proxmox wan ip configuration.

Now if you reboot proxmox it should boot pfsense which will take the wan ip.


If you can connect via wan ip port 8006 to proxmox everything worked.

As fallback you can setup a cron job to restore the original network config of proxmox and disable pfsense autostart.

 

[albgen]

Thank you. i will try

 

[albgen]

too complex. Finished using NAT...hope not to have other issues

 

[bobmc]

https://docs.netgate.com/pfsense/en/latest/recipes/virtualize-proxmox.html

 

[Code-Exec]

Hello,

i have installed proxmox and the current configuration is the default one, so one ethernet port eno1 and one linux bridge vmbr0 which has as bridge port set to the interface eno1. The public ip address is setup on the bridge. i can reach the proxmox interface on the public ip address.

I have created a new bridge interface called vmbr1, and a pfsense VM. The pfsense has the wan port on vmbr0 and the lan port on vmbr1. Than, i have created a vm and connected on the lan of pfsense...
The problem is that the vm on the does not have internet acccess.

What i want is to have something like the following: the same config but the public ip address on the pfsense so the VMs on the LAN part to be able to have connection.
Is this possible with one only public ip address? if this is possible than how can i reach the proxmox web interface?

thank you

I've been down this road before. To separate networks, there are only two options - a separate virtual subnet + NAT or VLAN + routing. You can use my revision to manage NAT from WebGUI - https://github.com/Code-Exec/Proxmox_NAT_Patch