Have a Proxmox VE instance setup which has five physical NICs. The first NIC I am currently using to connect to the management interface, but would like to setup pfsense in a VM to replace my ISP router/firewall. What would be the recommended way to set this up for security? I do not have a VLAN capable switch.
Current setup:
- Internet comes into ISP router (currently default gateway)
- Cat6 cable from ISP router to unmanaged 1GB switch
- Cat6 cable from proxmox to unmanaged switch
- PiHole setup as LXC and internal clients set to use it for DNS
- Debian VM running docker containers
What is the best way to utilise the four spare NICs and route all traffic through a pfsense VM, without unduly exposing internal clients to unnecessary risk by having them all in a single subnet on proxmox host? In the future I'd like to access some containers externally, but not figured out how to safely do that yet.
Current setup:
- Internet comes into ISP router (currently default gateway)
- Cat6 cable from ISP router to unmanaged 1GB switch
- Cat6 cable from proxmox to unmanaged switch
- PiHole setup as LXC and internal clients set to use it for DNS
- Debian VM running docker containers
What is the best way to utilise the four spare NICs and route all traffic through a pfsense VM, without unduly exposing internal clients to unnecessary risk by having them all in a single subnet on proxmox host? In the future I'd like to access some containers externally, but not figured out how to safely do that yet.