Hi. I'm new to proxmox 4 and new to pfsense. Does any one know how to setup pfsense with one nic? I'm using a hp 15 f039 (http://www.cnet.com/products/hp-15-...1-with-bing-64-bit-4-gb-ram-500-gb-hdd/specs/ ). I'm using debian 8 + proxmox 4 ( https://pve.proxmox.com/wiki/Install_Proxmox_VE_on_Debian_Jessie ). pfsense (https://www.pfsense.org/ )
proxmox 4 + pfsense 1 nic setup
- Thread starter zustudios
- Start date
-
- Tags
- 1 nic pfsense proxmox 4.1
I assume you wan't something like this:
Inet <-> Pfsense <-> Proxmox <-> VM ?
You'd basically do the following:
Q2: Is this supposed to become a mobile lab or something (HP laptop used) ?
Inet <-> Pfsense <-> Proxmox <-> VM ?
You'd basically do the following:
- Assign 2 vmbrX to your proxmox
- Vmbr0 -> eth0
- Vmbr1 -> no ethx
- Assign pfsense 2 vNics
- vNic1 -> Vmbr0 -> Inet
- vNic2 -> vmbr1 -> internal Proxmox side
- Assign your VM's a vNic on vmbr1
- Gateway is Pfsense vNic1 IP
Q2: Is this supposed to become a mobile lab or something (HP laptop used) ?
I'm trying to set up nat(I don't know how yet).I ran across pfsense.I would like to use it as a "router/firewall" for my nat setup.Would it work that way?
"Inet <-> Pfsense <-> Proxmox <-> VM ?"Exactly. My host computer is in my router's dmz. I only have eth0
How should my /etc/network/interfaces look?
source /etc/network/interfaces.d/*
auto lo
iface lo inet loopback
# The primary network interface
allow-hotplug eth0
auto eth0
iface eth0 inet dhcp
auto vmbr0
iface vmbr0 inet static
address 192.168.X.XXX
netmask 255.255.255.0
gateway 192.168.X.X
broadcast 192.168.X.XXX
network 192.168.X.X
bridge_ports eth0
bridge_stp off
bridge_fd 0
"Inet <-> Pfsense <-> Proxmox <-> VM ?"Exactly. My host computer is in my router's dmz. I only have eth0
How should my /etc/network/interfaces look?
source /etc/network/interfaces.d/*
auto lo
iface lo inet loopback
# The primary network interface
allow-hotplug eth0
auto eth0
iface eth0 inet dhcp
auto vmbr0
iface vmbr0 inet static
address 192.168.X.XXX
netmask 255.255.255.0
gateway 192.168.X.X
broadcast 192.168.X.XXX
network 192.168.X.X
bridge_ports eth0
bridge_stp off
bridge_fd 0
Last edited:
yeah that works, follow the steps i provided above.
You know that proxmox has a firewall build-in, right ?
https://pve.proxmox.com/wiki/Proxmox_VE_Firewall
And you also know you should be able to do NAt straight out of the box, right ?
https://pve.proxmox.com/wiki/Network_Model
That way you will not have to run pfsense at all, nor run multiple vmbrx to force traffic over your pfsense.
Do not get me wrong, I Do run pfsense on Proxmox myself, but i run it in HA and not for the purpose of Firewall, but allowing Loadballancing over my multiple ISPs (that is homeuse btw)
What would you recommend?I'm a newbie and don't know all those words.pfsense just seemed to be easier to understand.when I tried the firewall I got kinda "lost" and didn't know what I was doing. With pfsense all I had to do was poweroff the vm. plus I don't understand all the coding yet ex:iptables .(
)
well, its not easier, it is just differently displayed.
In both options you need to make sure to not "block" the wrong ports, and to open the right ones.
For someone starting up, i'd suggest you use Proxmox and skip pfsense. especially if you do not need a firewall because your proxmox server is on a local network and already sitting behind one. putting pfsense on the same node and then sticking your VM's behind it can be quite challenging, especially if you consider iptables as coding
the best bet would be to use the proxmox wiki, do as much with the GUI (you can do almost all of it there), and rely on forum searches.
ps.: are you planning to expose proxmox to the net ?
In both options you need to make sure to not "block" the wrong ports, and to open the right ones.
For someone starting up, i'd suggest you use Proxmox and skip pfsense. especially if you do not need a firewall because your proxmox server is on a local network and already sitting behind one. putting pfsense on the same node and then sticking your VM's behind it can be quite challenging, especially if you consider iptables as coding
the best bet would be to use the proxmox wiki, do as much with the GUI (you can do almost all of it there), and rely on forum searches.
ps.: are you planning to expose proxmox to the net ?
"ps.: are you planning to expose proxmox to the net ?" I want to offer vps hosting in the future after I get enough ram and learn enough about setting up proxmox .
"Q2: Is this supposed to become a mobile lab or something (HP laptop used) ?" yes mobile lab"
"Q2: Is this supposed to become a mobile lab or something (HP laptop used) ?" yes mobile lab"
Last edited:
For someone starting up, i'd suggest you use Proxmox and skip pfsense. especially if you do not need a firewall because your proxmox server is on a local network and already sitting behind one. putting pfsense on the same node and then sticking your VM's behind it can be quite challenging, especially if you consider iptables as coding.
https://www.7pcb.com/
https://www.7pcb.com/
Last edited: