Separate network with different vlans, pfsense and Cloudflare Tunnel

binglenozumi

New Member
Oct 14, 2023
1
0
1
Hi everyone, I am new to proxmox, been using TrueNAS Scale but it gives me pain instead of learning, hence I wanna make a switch to Proxmox so that I can actually learn more things…

Anyway… So my homelab is like this, currently behind wireless router and assigned fix IP to it. As I am currently out of cash recently, hence is hard for me to add a firewall to fulfill my need (as my homelab device having 10Gb ethernet).

So I was thinking the below scenario in mind, not sure if that is feasible (or I believe it can be, just I am not 100% sure how it works). My aim is to:

1. Having pfsense to act as firewall, and then create different vlans with different IP range for different purpose (e.g. one for external facing LXC, one for VM, one for internal facing LXC)
2. Having Cloudflare WARP to reverse proxy some of the things (I’ll have some web servers), and hopefully using WARP to do device posture check for some private ones.

My question is… given that I want to have separate IP range for whatever before pfsense and after pfsense…

1. If I need to have Cloudflare tunnel to access pve Web UI, should that be behind pfsense (vmbr1) or before pfsense (vmbr0)? If my tunnel is before then can it still access whatever is at vmbr1?
2. If I also want the Cloudflare tunnel to access pfsense web UI (which suppose only can access using LAN instead of WAN), should I install cloudflared onto pfsense? Or should I separate that out using Tailscale instead?

Many thanks for everyones reply
 

Attachments

  • IMG_0253.png
    IMG_0253.png
    410.6 KB · Views: 8

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!