Proxmox / Pfsense 2 public IPs config

T

toza

Member
Mar 15, 2021
3
1
8
40
Hi,

Im looking for some help with the setup i'm trying to achieve. I have a dedicated server (provider is not OVH) with two public IP's. First IP to access proxmox and the second I wanted to give to pfSense as the WAN IP. I've followed the instructions from the Netgate documentation, but not able to get any internet access to pfsense.

Here's /etc/network/interface

Code: 
auto lo
iface lo inet loopback

iface eno3 inet manual

iface eno4 inet manual

iface eno2 inet manual

iface eno1 inet manual

auto vmbr0
iface vmbr0 inet static
    address 85.2x4.xxx.73/32
    gateway 85.2x4.xxx.1
    bridge-ports eno1
    bridge-stp off
    bridge-fd 0

auto vmbr1
iface vmbr1 inet manual
    bridge-ports none
    bridge-stp off
    bridge-fd 0

vmbr0 - is set on the VM as the wan
vmbr1 - is set on the VM for the lan side

Additional public IP: 94.7x.xxx.202 for pfsense wan, I've added this as a static IP on the interface in pfsense but I dont get any internet no does the VM behind it.

Thanks in advance

Steve
 
toza said:
auto vmbr0
iface vmbr0 inet static
address 85.2x4.xxx.73/32
gateway 85.2x4.xxx.1
bridge-ports eno1
bridge-stp off
bridge-fd 0

auto vmbr1
iface vmbr1 inet manual
bridge-ports none
bridge-stp off
bridge-fd 0[/CODE]

vmbr0 - is set on the VM as the wan
vmbr1 - is set on the VM for the lan side

Additional public IP: 94.7x.xxx.202 for pfsense wan, I've added this as a static IP on the interface in pfsense but I dont get any internet no does the VM behind it.
Click to expand...
Is it right that you need to set a gateway that is outside of your subnet? I haven't done much with public IPs but that looks wrong to me. Shouldn't that be atleast "address 85.2x4.xxx.73/25" if your providers gateway is "85.2x4.xxx.1"?
 
Last edited:
Thanks both for replying, I've had the provider to remove the additional ip 94.7x.xxx.202/31 and allocate me a /29 instead

IP: 94.7x.xxx.64/29
Gateway: 94.7x.xxx.65

Any further help would be great

Thanks
 
Managed to get this working and pfsense is able to get to the internet. I've amended the config to routed configuration

Code: 
auto eno1
iface eno1 inet static
    address 85.2x4.xxx.73/24
    gateway 85.2x4.xxx.1
    post-up echo 1 > /proc/sys/net/ipv4/ip_forward
    post-up echo 1 > /proc/sys/net/ipv4/conf/eno1/proxy_arp

auto vmbr0
iface vmbr0 inet static
    address 94.7x.xxx.64/29
    bridge-ports none
    bridge-stp off
    bridge-fd 0

auto vmbr1
iface vmbr1 inet manual
    bridge-ports none
    bridge-stp off
    bridge-fd 0

Assigned vmbr0 as the wan for the pfsense VM
Assigned vmbr1 as the lan for the pfsense VM

Set the static IP with the gateway inside pfsense for the wan

Setup a ubuntu VM set to vmbr1 - I have connectivity

Hope this is helpful for anyone!

Thanks
 
  • Like
Reactions: Dunuin
toza said:
Managed to get this working and pfsense is able to get to the internet. I've amended the config to routed configuration

Code: 
auto eno1
iface eno1 inet static
    address 85.2x4.xxx.73/24
    gateway 85.2x4.xxx.1
    post-up echo 1 > /proc/sys/net/ipv4/ip_forward
    post-up echo 1 > /proc/sys/net/ipv4/conf/eno1/proxy_arp

auto vmbr0
iface vmbr0 inet static
    address 94.7x.xxx.64/29
    bridge-ports none
    bridge-stp off
    bridge-fd 0

auto vmbr1
iface vmbr1 inet manual
    bridge-ports none
    bridge-stp off
    bridge-fd 0

Assigned vmbr0 as the wan for the pfsense VM
Assigned vmbr1 as the lan for the pfsense VM

Set the static IP with the gateway inside pfsense for the wan

Setup a ubuntu VM set to vmbr1 - I have connectivity

Hope this is helpful for anyone!

Thanks
Click to expand...

Hi, I try to do the same. Managed to move the public IP to eno1 and changed my vmbr0 to my 2nd IP like in your case. I made sure the interfaces are correct on pfSense and the gateway is configured in pfSense. However, I cannot access the internet from the pfSense console. Also, if I access the IP of vmbr0 port 8006 I end up in the proxmox dashboard and not in the pfSense dashboard. When I try to ping the gateway within pfSense console, I get "sendto: Host is down". I don't understand why this is happening.

Could anybody please help me? What could be the reason for that?
 
Last edited:
ok, I found a way and I think the posts above are mis-leading, it's so much easier, actually:

Code: 
auto lo

iface lo inet loopback

auto eno1
iface eno1 inet manual

auto vmbr0
iface vmbr0 inet static
    address XXX.YYY.ZZZ.10/24
    gateway XXX.YYY.ZZZ.1
    bridge-ports eno1
    bridge-stp off
    bridge-fd 0

auto vmbr1
iface vmbr1 inet manual
    bridge-ports none
    bridge-stp off
    bridge-fd 0

Now in pfSense I set vmbr0 with my 2nd public IP (XXX.YYY.ZZZ.11/24) to my WAN interface and vmbr1 with my intern gateway IP (192.168.1.1) to my LAN interface. I also set my gateway XXX.YYY.ZZZ.1 in the web configurator of pfSense. Spoofing my mac on the pfSense interface might be an additional step if the provider does mac binding. It was not necessary in my case.
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back