Proxmox between internet and home network?

C

cycling-harpist

New Member
Mar 4, 2024
5
0
1
Hi all!

I have a server with two NICs, so I though I would use it to manage my home network. I was thinking placing it between my ISP modem and a switch with a firewall. I was thinking also running some inner services on it, for example nextcloud, pi-hole and some NAS.

I though I could use proxmox since I could easily run different VMs or containers for the different services.

Does it make sense to run pfsense/opnsense for the firewall and pi hole as dns server, all this in their own different VMs under proxmox?

Thanks!
 
Hey,

yes, this is actually a pretty common setup. You'd pass through the NIC connected to the modem to the pfsense VM. For pfsense this would then be the WAN side, the VM is also connected to vmbr0 on your second NIC that goes to your switch. You'd set up a DHCP in the pfsense VM on the vmbr0 facing interface, so all VMs on vmbr0 and all devices connected to the switch are covered.
As you said, the pi hole VM(or container) would then be advertised as the main DNS server by your pfsense, or you could probably also configure pfsense to forward DNS queries to the pi hole, both should be fine. Hope this helps :)
 
I did that for a while, but every time I broke something, my home network would go down and my wife wouldn't be happy. In my case it was much better to put pfSense on a separate device. If you are anything like me, you will experiment, break things, and end up re-installing Proxmox a few times until you get it the way you like it.
 
Hannes Laimer said:
Hey,

yes, this is actually a pretty common setup. You'd pass through the NIC connected to the modem to the pfsense VM. For pfsense this would then be the WAN side, the VM is also connected to vmbr0 on your second NIC that goes to your switch. You'd set up a DHCP in the pfsense VM on the vmbr0 facing interface, so all VMs on vmbr0 and all devices connected to the switch are covered.
As you said, the pi hole VM(or container) would then be advertised as the main DNS server by your pfsense, or you could probably also configure pfsense to forward DNS queries to the pi hole, both should be fine. Hope this helps :)
Click to expand...
This was exactly the information I was looking for. Thanks you!!

louie1961 said:
I did that for a while, but every time I broke something, my home network would go down and my wife wouldn't be happy. In my case it was much better to put pfSense on a separate device. If you are anything like me, you will experiment, break things, and end up re-installing Proxmox a few times until you get it the way you like it.
Click to expand...
Haha true :D Such a major change in network config will require down time, I'll have to plan properly. I'm trying to reduce the number of physical devices as mush as possible, so I will have to be extra careful as to not break things. Thanks for the experience sharing.
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom