Proxmox + pfsense

[Patryk803]

Hey. I have quite successfully installed pfsense on my proxmox mini PC with 2 interfaces. After the installation of pfsense I've lost access to proxmox. I know how to recover it. My question is how can I access both pfsense and proxmox from 1 LAN port? I can think of two solutions that I've already tried.
1. Bridge management interface with LAN port - didn't work
2. Assign 2 ip addresses to the LAN port - don't know how to set that one up. In terms of networking is pretty wild setup as the default GW for the proxmox is pfsense.

 

[Dunuin]

Do you passthrough the NICs? If not you could just work with virtual virtio NICs and bridges.
In case you pass them through you could still create a bridge that isn't connected to any physical NIC, give that bridge a IP and gateway and attach a virtio NIC of the pfSense VM to that bridge.

 

[Patryk803]

Hey Dunuin thanks for the reply. What I've tried now is:
Passthrough only the WAN interface
For the LAN. In proxmox create Linux Bridge with IP 192.168.0.80/24 and DGW 192.168.0.1/24 (which should point to the pfsense).
In the pfsense I attached this virtual interface (linux bridge) to the LAN. When I connect to the physical device I can access only pfsense and not proxmox. I've also tried to ping 192.168.0.80 from pfsense to proxmox and it didn't work. Means there's something wrong with the bridge for them

 

[StiLDalF]

Yeah, while you can do this using passthrough interfaces, I wouldn't - for the sake of some flexibility perhaps.

But to add to @Dunuin's explanation, here's a scenario I believe would work for you:

Proxmox Host Network

Name	Type	Ports/Slaves	CIDR	GW	Comments
enp1s0	Network Device
enp2s0	Network Device
vmbr0	Linux Bridge	enp1s0			WAN
vmbr1	Linux Bridge	enp2s0	192.168.0.80/24	192.168.0.1	LAN

pfSense VM Network

ID	Name	Bridge	IP	GW
net0	igb0	vmbr0	none	none
net1	igb1	vmbr1	none	none

pfSense Config

• igb0, WAN, DHCP-Client/Static/PPPoE depending on your ISP/ONT
• igb1, LAN, Static 192.168.0.1, DHCP Server
  • Either reserve 192.168.0.80 for Proxmox host or set non-conflicting DHCP Scope, ie: 192.168.0.100-200
• Check to disable Hardware Checksum Offloading under System > Advanced > Networking.

 

[Patryk803]

StiLDalF thanks! You've saved my hours of troubleshooting this! Btw I haven't changed anything. I just disabled this Hardware Checksum Offloading. So for the WAN I'm still using passthrough. Thanks again!

 

[StiLDalF]

Pleasure to be of service.

Nothing wrong with the passthrough NIC. I just mentioned and prefer the alternate method for the flexibility of bridging that interface to other VM instances if necessary or experimenting with other scenarios.

 

[Patryk803]

Hey. I just wanted to update this thread as I am getting errors after a day or two in pfsense console and I need to reboot the whole box. So basically it’s running Proxmox as a Hypervisor and I installed pfsense inside it. Everything is working fine for around 1-2days and after that I am getting the below messages from the console and I no longer have access to the pfsense GUI. The weirdest thing is I have access to the Internet from my 2nd Access point (only when I am connected via the cable to it) but the WiFi doesn’t work at all. So the setup is as follows: Minipc (Proxmox -> pfsense) -> Netgear Orbi AP - > Mesh Netgear Orbi 2nd AP. After those errorrs in the console I can still reach the GUI of proxmox but I cannot see any errors there. Any ideas what I did wrong? The disk I am using is SSD