Virtualizing pfSense with PVE

thyewah

New Member
Oct 3, 2021
2
0
1
34
I am new to Proxmox and would like to run pfsense virtualised in PVE. I have an Intel i350-T4 NIC (currently using only enp2s0f0 and enp2s0f1) and onboard ethernet Intel I219-V (eno1).

I was able to install pfsense VM sucessfully by following the guide in the link (https://docs.netgate.com/pfsense/en/latest/recipes/virtualize-proxmox-ve.html). I started pfSense VM, assigned vmbr1 to WAN (connects to my modem) and vmbr2 to LAN (connects to my switch). WAN is set to DHCP (assigned by my ISP) and LAN is set to static IP 10.0.0.1.

However, I am unable to access Proxmox management GUI when I am connected to the LAN (enp2s0f1/vmbr2) unless I unplugged it from LAN and connect it to my onboard ethernet (eno1/vmbr0). I am wondering what should the IP and gateway of the PVE be? Do I have to change/add any settings in PVE or pfsense? Currently I am using static IP 10.10.10.2 and gateway 10.10.10.1 for Proxmox management GUI.

proxmox.png
 
Your Proxmox IP and gateway is asigned to vmbr0 so you can only access it from stuff connected to vmbr0. If you want to access it from vmbr2 too you need to assign a IP to vmbr2. Keep in mind that no host should got 2 IPs in the same subnet. So I would move gateway and IP from vmbr0 to vmbr2 if vmbr2 is your new LAN.

By the way...I would also create a DMZ so you got as isolated subnet for VMs/LXCs that should be reachable from the internet but should get no access to your LAN.
 
Last edited:
Your Proxmox IP and gateway is asigned to vmbr0 so you can only access it from stuff connected to vmbr0. If you want to access it from vmbr2 too you need to assign a IP to vmbr2. Keep in mind that no host should got 2 IPs in the same subnet. So I would move gateway and IP from vmbr0 to vmbr2 if vmbr2 is your new LAN.

By the way...I would also create a DMZ so you got as isolated subnet for VMs/LXCs that should be reachable from the internet but should get no access to your LAN.

Thank you for your reply. Do you mean that I have to set the Proxmox management interface to be the same as my pfsense LAN interface and setting the same static IP address?
 
Yes, if you want to manage your PVE from your LAN it needs a IP in that LAN subnet or you need to somehow route stuff from LAN to vmbr0.
If it needs to be the same or another IP depends...must be a IP from your LAN subnet range. And PVE somehow need to go online to download updates, so you might want to point your gateway IP to your pfsenses LAN IP address too.
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!