1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Proxmox Pfsense working setup solved 2 NIC.

Discussion in 'Proxmox VE 1.x: Installation and configuration' started by michaelvv, Sep 5, 2009.

  1. michaelvv

    michaelvv Member

    Joined:
    Oct 9, 2008
    Messages:
    92
    Likes Received:
    0
    Hi Proxmox.

    After a lot of reading regarding this issue , and not much answer to a solution i think
    a might have a working solution...

    What i want to archive was this setup.

    INET - KVM Pfsense - eth1 - proxmox - eth0 - LAN.

    Then i would be 100% that all traffic passed through the KVM Pfsense as i normally
    had on a ALIX board...

    proxmox server : 192.168.1.90
    pfsense : LAN : 192.168.1.41 WAN 10.0.0.41
    ADSL router : 10.0.0.1

    First my /etc/network/interfaces on the proxmox

    auto lo
    iface lo inet loopback

    auto vmbr0
    iface vmbr0 inet static
    address 192.168.1.90
    netmask 255.255.255.0
    #gateway 192.168.1.41
    bridge_ports eth0
    bridge_stp off
    bridge_fd 0

    auto vmbr1
    iface vmbr1 inet manual
    bridge_ports eth1
    bridge_stp off
    bridge_fd 0

    I have comment out the gateway cause it's not up working at the time the proxmox
    is initializing the network interfaces.. It if first available when KVM Pfsense is loaded
    therefore i bring the gateway up in /etc/rc.local

    i added this line to the file :

    route add default gw 192.168.1.41 dev vmbr0

    PS! quick and dirty fix but it works...

    I then installed the pfsense firewall ISO as a KVM and i added the 2 NIC to it.

    vmbr0 - LAN
    vmbr1 - WAN

    remember to check that the MAC addresses are correct...

    Install the Pfsense -> Install to harddisk think it's option 99 , and when it's done
    alter the LAN it's normal set to 192.168.1.1 to in my case 192.168.1.41...

    I then configured the WAN IP on pfsense to 10.0.0.41 and i set the gateway to
    10.0.0.1

    Check the pfsense can ping for instance google.com and that it can ping your
    computer on the LAN it's very important that this works...

    I have several Venet OPenVZ containers check that they are able to reach the
    internet.

    When all this is done , restart your proxmox server so you're sure it's working...

    I'm not able of doing a WIKI on this subject but if something be more correctly done
    please make a comment.

    Hope this could solve the firewall issue..

    /Michael
     
  2. tai

    tai New Member

    Joined:
    May 17, 2011
    Messages:
    1
    Likes Received:
    0
    Hi michaelvv

    If I would like use pfSense-2.0-RC1 and add more network such as
    1. DMZ network
    2. Option Network for WiFi
    How to configure all traffic passed through pfsense?

    Thank you.

    Yaya
     
  3. michaelvv

    michaelvv Member

    Joined:
    Oct 9, 2008
    Messages:
    92
    Likes Received:
    0
    Hi TAI.

    Never had tried that , so i really don't know.
    But i guess start with adding the DMZ network card to
    /etc/network/interfaces like the vmbr1.

    My Current config without DMZ taken from /etc/network/interfaces is :

    auto lo
    iface lo inet loopback

    auto vmbr0
    iface vmbr0 inet static
    address 192.168.1.90
    netmask 255.255.255.0
    gateway 192.168.1.41
    bridge_ports eth0
    bridge_stp off
    bridge_fd 0

    auto vmbr1
    iface vmbr1 inet manual
    bridge_ports eth1
    bridge_stp off
    bridge_fd 0

    Then install the PFSENSE and see if this extra
    network card shows up.

    /Best Michael
     
  4. spccat

    spccat New Member

    Joined:
    Nov 3, 2013
    Messages:
    12
    Likes Received:
    0
    Hi Michael,

    I was wondering how should I do it with one NIC. Problem is that the server is in a data centre. So if I change the WAN on the interface I loose access to the server ...

    thanks in advance.
     

Share This Page