Hi !
I encounter a problem with the WAN configuration of my proxmox.
I try here to have a Proxmox with Pfsense as a firewall for a group of 3~4 vm's behind, the thing here is I'm completely stuck to have a Wan connection on my Pfsense (and by extension on my Vm's).
The pfsense is meant to redirect all the trafic coming from the public IP on the right vm and the NAT configuration is directly on the proxmox with IPtables.
I followed many tutorials ont he internet but I'm unable to ping the outside with my actual configuration.
Here the configuration I've done with the proxmox web interface:
I also see a strange thing in my route -n where somes routes for Vmbr0 are in double
The 10.2.2.0 is a future route to be used by the VPN solution but is not in use now.
This route problem can also be seen in my ifconfig where eno3 and vmbr0 have the same configuration.
I configured all my IPtables accordingly, I can ping all the internal network from my pfsense but I'm still unable to ping the outside.
If you have any hint this would be amazing, I'm looking for this since fews days now
I encounter a problem with the WAN configuration of my proxmox.
I try here to have a Proxmox with Pfsense as a firewall for a group of 3~4 vm's behind, the thing here is I'm completely stuck to have a Wan connection on my Pfsense (and by extension on my Vm's).
The pfsense is meant to redirect all the trafic coming from the public IP on the right vm and the NAT configuration is directly on the proxmox with IPtables.
I followed many tutorials ont he internet but I'm unable to ping the outside with my actual configuration.
Here the configuration I've done with the proxmox web interface:
auto lo
iface lo inet loopback
iface eno2 inet manual
iface eno1 inet manual
iface eno4 inet manual
iface eno3 inet manual
auto vmbr0
iface vmbr0 inet static
address 217.xxx.xxx.xxx
netmask 255.255.255.0
gateway 217.xxx.xxx.xxx
bridge_ports eno3
bridge_stp off
bridge_fd 0
auto vmbr1
iface vmbr1 inet static
address 10.0.0.1
netmask 255.255.255.252
bridge_ports WAN
bridge_stp off
bridge_fd 0
auto vmbr2
iface vmbr2 inet static
address 192.168.9.1
netmask 255.255.255.0
bridge_ports LAN
bridge_stp off
bridge_fd 0
post-up /root/kvm-networking-up.sh
iface lo inet loopback
iface eno2 inet manual
iface eno1 inet manual
iface eno4 inet manual
iface eno3 inet manual
auto vmbr0
iface vmbr0 inet static
address 217.xxx.xxx.xxx
netmask 255.255.255.0
gateway 217.xxx.xxx.xxx
bridge_ports eno3
bridge_stp off
bridge_fd 0
auto vmbr1
iface vmbr1 inet static
address 10.0.0.1
netmask 255.255.255.252
bridge_ports WAN
bridge_stp off
bridge_fd 0
auto vmbr2
iface vmbr2 inet static
address 192.168.9.1
netmask 255.255.255.0
bridge_ports LAN
bridge_stp off
bridge_fd 0
post-up /root/kvm-networking-up.sh
I also see a strange thing in my route -n where somes routes for Vmbr0 are in double
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 217.xx.xx.xx 0.0.0.0 UG 0 0 0 eno3
10.0.0.0 0.0.0.0 255.255.255.252 U 0 0 0 vmbr0
10.2.2.0 10.0.0.2 255.255.255.0 UG 0 0 0 vmbr0
192.168.9.0 10.0.0.2 255.255.255.0 UG 0 0 0 vmbr0
217.xx.xx.0 0.0.0.0 255.255.255.0 U 0 0 0 eno3
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 217.xx.xx.xx 0.0.0.0 UG 0 0 0 eno3
10.0.0.0 0.0.0.0 255.255.255.252 U 0 0 0 vmbr0
10.2.2.0 10.0.0.2 255.255.255.0 UG 0 0 0 vmbr0
192.168.9.0 10.0.0.2 255.255.255.0 UG 0 0 0 vmbr0
217.xx.xx.0 0.0.0.0 255.255.255.0 U 0 0 0 eno3
The 10.2.2.0 is a future route to be used by the VPN solution but is not in use now.
This route problem can also be seen in my ifconfig where eno3 and vmbr0 have the same configuration.
I configured all my IPtables accordingly, I can ping all the internal network from my pfsense but I'm still unable to ping the outside.
If you have any hint this would be amazing, I'm looking for this since fews days now