Setup pfSense firewall only for my VMs

ZombieDemonCop

Apr 14, 2024
I have a computer that I turned into a server. The motherboard's NIC is only 100 Mbps, so I added a PCIe 1 Gbps NIC, which I'm using as my primary and only NIC. I want to set up pfSense as a firewall/router for all VMs that I'll set up on Proxmox. I'm not going to be using pfSense for my home network. I just want to create an isolated network with Proxmox. How can I achieve this? The guides that I've come across are for setting up pfSense for their home network using 2 NICs. I don't really want that.

In a nutshell, I don't want to disturb my existing home network and I want to create a virtual network for all my VMs and isolate them from my host network using pfSense firewall.

PS. I'm a beginner learning networking, so I'm a bit new to Proxmox and its networking capabilities.
Thanks.
 
Hey,

you can pass through one of the NICs to the pfSense VM and configure it to be WAN. Then create a second Linux Bridge in PVE and attach it to all VMs including the pfSense one, then configure it to be the LAN side in pfSense and set up a DHCP server on the vmbr interface (if you want DHCP in your VM-only network). So the pfSense is the gateway for all VMs.

Note: machines on your normal network won't be able to communicate with the VMs, since pfSense sets up NAT by default, IIRC.
 
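As an added example (not part of the thread, and not Proxmox's own tooling): the "second Linux Bridge" from the reply above written as an `/etc/network/interfaces` stanza with no physical port and no host address, plus a check that a given bridge really is internal-only. The names `vmbr1` and `enp1s0`, the VM ID 100 and the addresses are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. Bridge names, the NIC name and the addresses are assumptions.

# Print the stanza for an internal-only bridge: no physical port, so frames
# cannot leave to the home LAN, and no address, so the PVE host has no IP on it.
isolated_bridge_stanza() {
    cat <<EOF
auto $1
iface $1 inet manual
    bridge-ports none
    bridge-stp off
    bridge-fd 0
EOF
}

# Succeed only if bridge $2 in interfaces file $1 has "bridge-ports none"
# and no "address" line of its own.
bridge_is_isolated() {
    awk -v br="$2" '
        $1 == "iface" { cur = $2 }
        cur == br && $1 == "bridge-ports" { ports = $2; extra = (NF > 2) }
        cur == br && $1 == "address" { addr = 1 }
        END { exit !(ports == "none" && !extra && !addr) }
    ' "$1"
}

# Constructed sample: vmbr0 is the existing bridge on the physical NIC,
# vmbr1 is the new VM-only bridge that becomes the pfSense LAN side.
sample=$(mktemp)
cat > "$sample" <<'EOF'
auto vmbr0
iface vmbr0 inet static
    address 192.168.1.10/24
    gateway 192.168.1.1
    bridge-ports enp1s0
    bridge-stp off
    bridge-fd 0
EOF
isolated_bridge_stanza vmbr1 >> "$sample"
for br in vmbr0 vmbr1; do
    if bridge_is_isolated "$sample" "$br"; then
        echo "$br: internal-only"
    else
        echo "$br: has a physical port or a host address"
    fi
done
rm -f "$sample"
# On the PVE host, each VM (pfSense included) then gets a NIC on the new
# bridge, e.g. for an assumed VM ID 100:  qm set 100 --net1 virtio,bridge=vmbr1
```
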
Thanks for your reply. Can I do this without passing through? My current processor doesn't support VT-d; I have a new one otw. In order for my machines to access the VMs, I would need to port forward, right?