Hi everyone, I am new to proxmox, been using TrueNAS Scale but it gives me pain instead of learning, hence I wanna make a switch to Proxmox so that I can actually learn more things…
Anyway… So my homelab is like this, currently behind wireless router and assigned fix IP to it. As I am currently out of cash recently, hence is hard for me to add a firewall to fulfill my need (as my homelab device having 10Gb ethernet).
So I was thinking the below scenario in mind, not sure if that is feasible (or I believe it can be, just I am not 100% sure how it works). My aim is to:
1. Having pfsense to act as firewall, and then create different vlans with different IP range for different purpose (e.g. one for external facing LXC, one for VM, one for internal facing LXC)
2. Having Cloudflare WARP to reverse proxy some of the things (I’ll have some web servers), and hopefully using WARP to do device posture check for some private ones.
My question is… given that I want to have separate IP range for whatever before pfsense and after pfsense…
1. If I need to have Cloudflare tunnel to access pve Web UI, should that be behind pfsense (vmbr1) or before pfsense (vmbr0)? If my tunnel is before then can it still access whatever is at vmbr1?
2. If I also want the Cloudflare tunnel to access pfsense web UI (which suppose only can access using LAN instead of WAN), should I install cloudflared onto pfsense? Or should I separate that out using Tailscale instead?
Many thanks for everyones reply
Anyway… So my homelab is like this, currently behind wireless router and assigned fix IP to it. As I am currently out of cash recently, hence is hard for me to add a firewall to fulfill my need (as my homelab device having 10Gb ethernet).
So I was thinking the below scenario in mind, not sure if that is feasible (or I believe it can be, just I am not 100% sure how it works). My aim is to:
1. Having pfsense to act as firewall, and then create different vlans with different IP range for different purpose (e.g. one for external facing LXC, one for VM, one for internal facing LXC)
2. Having Cloudflare WARP to reverse proxy some of the things (I’ll have some web servers), and hopefully using WARP to do device posture check for some private ones.
My question is… given that I want to have separate IP range for whatever before pfsense and after pfsense…
1. If I need to have Cloudflare tunnel to access pve Web UI, should that be behind pfsense (vmbr1) or before pfsense (vmbr0)? If my tunnel is before then can it still access whatever is at vmbr1?
2. If I also want the Cloudflare tunnel to access pfsense web UI (which suppose only can access using LAN instead of WAN), should I install cloudflared onto pfsense? Or should I separate that out using Tailscale instead?
Many thanks for everyones reply
