Proxmox VE & PFsense - VLAN Configuration

L

lostling

New Member
Sep 25, 2021
8
0
1
35
Hi All,

Background:

Newbie here, just started mucking around with both proxmox and pfsense recently, trying to upgrade my home network.

Current Configuration:

Proxmox
1. eno4 / my wan / vmbr0
2. bond0 / eno1 eno2 eno3 / vmbr1
3. vmbr1.10 / Infra / I have set the CIDR to be 192.168.10.2
4. I have allocated vmbr0 and vmbr1 tagged with vlan 10 on proxmox to my pfsense vm

Pfsense
1. WAN / vtnet0 / vmbr0
2. LAN / vtnet1.10 / vmbr1 / v4 192.168.10.1

Switch
1. Ports 1-3 are bonded ( Have assigned all vlans to this port )
2. Port4 / I have currently connected my laptop to this port. ( Have enabled all vlans to this port)


Current Status:
1. I can connect to my switch's ip address which is on vlan 10
2. I can connect to my proxmox ip address which is on vlan 10
3. I am unable to ping or contact my pfsense which is supposed to be on vlan 10

Not exactly sure what I am missing.
 
Been swapping some things around, still cant get it to work

auto lo
iface lo inet loopback

auto eno4
iface eno4 inet manual

auto eno1
iface eno1 inet manual

auto eno2
iface eno2 inet manual

auto eno3
iface eno3 inet manual

auto bond0
iface bond0 inet manual
bond-slaves eno1 eno2 eno3
bond-miimon 100
bond-mode 802.3ad

auto vmbr1
iface vmbr1 inet manual
bridge-ports bond0
bridge-stp off
bridge-fd 0
bridge-vlan-aware yes
bridge-vids 2-4094

auto vmbr1.10
iface vmbr1.10 inet static
address 192.168.10.2/24
gateway 192.168.10.1

Without the VLAN I am able to reach proxmox(192.168.10.2) over the bond however once I add the vlan it stops working.
 
As described in other topics, its a best practice to do not use proxmox and pfsense using one physical interface (eno4 in you case). Because pfsense can lost sometimes (we experienced this, and then you would need to restart pfsense.)

Why you don't use 1 physical port to proxmox and other to pfsense (and behind its VMS)?

And i think you should be using bond in pfsense not proxmox, idk why
 
Managed to ping to proxomox IP from both the laptop and pfsense, but unable to reach pfsense directly from the laptop

not sure if the issue is proxmox based, switch based or pfsense based.

Current proxmox network setting:

auto lo
iface lo inet loopback

auto eno4
iface eno4 inet manual

auto eno1
iface eno1 inet manual

auto eno2
iface eno2 inet manual

auto eno3
iface eno3 inet manual

auto bond0
iface bond0 inet manual
bond-slaves eno1 eno2 eno3
bond-miimon 100
bond-mode 802.3ad

auto vmbr1
iface vmbr1 inet manual
bridge-ports bond0
bridge-stp off
bridge-fd 0
bridge-vlan-aware yes
bridge-vids 2-4094

auto vmbr0
iface vmbr0 inet manual
bridge-ports eno4
bridge-stp off
bridge-fd 0

auto vmbr1.10
iface vmbr1.10 inet static
address 192.168.10.2/24
gateway 192.168.10.1

pfsense VM network settings

Network Device (net0) virtio , firewall=1
Network Device (net1) virtio

Current pfsense settings

WAN -> vtnet0 -> v4/DHCP: 192.168.5.108/24
LAN -> vtnet1 ->
OPT1 (OPT1) -> vtnet1.10 -> v4: 10.57.75.1/24
 

Attachments

  • illustration.png
    illustration.png
    13.9 KB · Views: 18
from the last post I see OPT1 (OPT1) -> vtnet1.10 -> v4: 10.57.75.1/24 on pfSense. Then I see that on Proxmox the vmbr1.10 gateway is 192.168.10.1. So where is the the 192.168.10.1 gateway on vlan10? pfSense (gateway) is listening/defined as 10.57.75.1 on vlan10 from what you have here. I assume that LAN -> vtnet1 -> v4/DHCP: 192.168.10.1/24 in pfSense?

To me you would need to try the below:

Code: 
auto vmbr1
    iface vmbr1 inet static
    address 192.168.10.2/24
    gateway 192.168.10.1
    bridge-ports bond0
    bridge-stp off
    bridge-fd 0
    bridge-vlan-aware yes
    bridge-vids 2-4094

then if you want to reach the Proxmox WebGui and pfSense from the laptop (the laptop has a DHCP address from pfSense in the 10.57.75.0/24 subnet I assume) in Vlan10 you would need to give Proxmox an address to listen in that subnet as well (example with 10.57.75.2 below no 2nd gateway needed/allowed) or punch a hole in the pfSense firewall between the the 10.57.75.0/24 and 192.168.10.0/24 subnets:

Code: 
auto vmbr1.10
iface vmbr1.10 inet static
    address 10.57.75.2/24
 
Last edited:
Oops sorry I was typing it out thinking of another network, the correct settings is below.

Current pfsense settings

WAN -> vtnet0 -> v4/DHCP: 192.168.5.108/24
LAN -> vtnet1 ->
OPT1 (OPT1) -> vtnet1.10 -> v4: 192.168.10.1/24
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom