Proxmox VE with PFSense unable to reach Web Configurator

thefuzz4

New Member
Feb 18, 2020
10
0
1
39
Hey Everyone,
So I just got my pfsense VM installed and I can ping it from a Ubuntu Host using the live CD, but whenever I try and go to the Configurator in firefox in Ubuntu and it just spins and spins.

I initially setup pfsense with virtito NIC as well as Ubuntu then I switched them both over to the e1000 but still no luck.

I wish I could provide more than just a few lines here but I'm really stumped and not quite sure where to go next with this.
 

stefan.p

New Member
Jan 19, 2020
7
0
1
31
hi there,

You need at least two interfaces to run pfsense.
one is for WAN and one is for LAN.
Connect all other vm's to the LAN interface to access the webgui
 

thefuzz4

New Member
Feb 18, 2020
10
0
1
39
hi there,

You need at least two interfaces to run pfsense.
one is for WAN and one is for LAN.
Connect all other vm's to the LAN interface to access the webgui
Yep I do have 2 interfaces on the PFSense. Right now I'm just trying to get the silly web configurator to load up so that I can configure the dang thing. I've done it a bunch in VMWare but I'm transitioning my builds over to Proxmox
 

thefuzz4

New Member
Feb 18, 2020
10
0
1
39
So it seems to be something to do with when I have it bound to a bridge that has an interface attached to it. So my interfaces file looks like this
Code:
### Hetzner Online GmbH installimage

source /etc/network/interfaces.d/*

auto lo
iface lo inet loopback
iface lo inet6 loopback

iface eno1 inet manual

auto vmbr0
iface vmbr0 inet static
  address PublicIP
  netmask 255.255.255.224
  gateway PublicGW
  # route 176.9.11.160/27 via 176.9.11.161
  up route add -net 176.9.11.160 netmask 255.255.255.224 gw 176.9.11.161 dev eno1
  bridge-ports eno1
  bridge-stp off
  bridge-fd 0

iface eno1 inet6 static
  address IPV6
  netmask 64
  gateway fe80::1

iface eno1.4002 inet manual
  vlan-raw-device eno1
  mtu 1400

auto eno1.4001
iface eno1.4001 inet static
  address 192.168.60.2
  netmask 255.255.255.0
  broadcast 192.168.60.255
  vlan-raw-device eno1
  mtu 1400

auto vmbr1
iface vmbr1 inet static
  bridge_ports eno1.4002
  bridge_stp off
  bridge_fd 0

auto vmbr2
iface vmbr2 inet static
  bridge_ports none
  bridge_stp off
  bridge_fd 0
I have 2 hosts at hetzner and I'd love to have them talk over the vlan with the Hetzer VSwitch but for the life of me I just cannot figure out what I need to configure to get these 2 hosts to talk over the vlan.
 

stefan.p

New Member
Jan 19, 2020
7
0
1
31
So it seems to be something to do with when I have it bound to a bridge that has an interface attached to it. So my interfaces file looks like this
Code:
### Hetzner Online GmbH installimage

source /etc/network/interfaces.d/*

auto lo
iface lo inet loopback
iface lo inet6 loopback

iface eno1 inet manual

auto vmbr0
iface vmbr0 inet static
  address PublicIP
  netmask 255.255.255.224
  gateway PublicGW
  # route 176.9.11.160/27 via 176.9.11.161
  up route add -net 176.9.11.160 netmask 255.255.255.224 gw 176.9.11.161 dev eno1
  bridge-ports eno1
  bridge-stp off
  bridge-fd 0

iface eno1 inet6 static
  address IPV6
  netmask 64
  gateway fe80::1

iface eno1.4002 inet manual
  vlan-raw-device eno1
  mtu 1400

auto eno1.4001
iface eno1.4001 inet static
  address 192.168.60.2
  netmask 255.255.255.0
  broadcast 192.168.60.255
  vlan-raw-device eno1
  mtu 1400

auto vmbr1
iface vmbr1 inet static
  bridge_ports eno1.4002
  bridge_stp off
  bridge_fd 0

auto vmbr2
iface vmbr2 inet static
  bridge_ports none
  bridge_stp off
  bridge_fd 0
I have 2 hosts at hetzner and I'd love to have them talk over the vlan with the Hetzer VSwitch but for the life of me I just cannot figure out what I need to configure to get these 2 hosts to talk over the vlan.
I'm not well versed when it comes to VLAN's and bonding to be honest and would start simple first.
You have to configure pfSense first before you're able to access the web gui.
console into your pfSense VM and Assign interfaces.
You have to find out which interface is the WAN and LAN.
After that you can set interfaces IP address leave the WAN alone DHCP and configure the LAN interface. This has to be on a different subnet that the WAN just FIY.
Make sure you enable DHCP on that interface when prompted.

This is how I setup my installation.

I have 3 NIC's in my proxmox PC.

NIC1 vmbr0 static 192.168.100.60 is my Proxmox management interface
NIC2 vmbr1 gets IP from router via DHCP 192.168.100.165 is my pfSense WAN interface
NIC3 vmbr2 static 192.168.50.5 pfSense LAN interface

All VM's use vmbr2 as interface.

You can spin up a VM with Linux/Windows (network interface vmbr2) or connect a switch to the physical pfSense LAN NIC and connect a laptop/PC and open the pfSense WebGui via the LAN IP (in my case 192.168.50.5).
After that work you can start looking into bonding the VLAN's.
Hope this helps
 
Last edited:

thefuzz4

New Member
Feb 18, 2020
10
0
1
39
Well so the good news is that I now have my servers communicating over the vlan YES!!!!. But here is the bad news. The VMs cannot talk to each other over the vlan.

Just so I'm clear on something with VLANs. Should the VMs be on the same vlan that the bridge is on? Thanks for your help with this as I continue to plug away at this.
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE and Proxmox Mail Gateway. We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get your own in 60 seconds.

Buy now!