Hey everyone!
I have a Protectli box that I’ve been using to run pfSense bare-metal for a year now with no issues. However, now I’d like to set up the box with Proxmox and have 3 VMs running on it: pfSense (main firewall for LAN), Home Assistant (I have a bunch of Hue lamps around the house, so nothing too fancy and complicated), and a UniFi controller for my AP and switches.
The box that I have has a quad-core i5 (8250U), 16 GB of RAM and a 256 SSD.
As far as my understanding goes, I should have no problem running it hardware-wise (please correct me if I’m wrong).
The main concern that I have is how to correctly set up the LAN ports under Proxmox so that pfSense gets the internet from the WAN port and creates the local network that it shares through a LAN port to the switch.
But what is even more important, and what I don’t understand how to set up or even google (how to phrase the question correctly), is how do I set up the LAN access for the Home Assistant VM, the UniFi controller and the actual hypervisor (Proxmox) itself, so that they get the internet from the pfSense box and not from the WAN port itself.
I’d really appreciate pointers on where or how to look up the proper way to set up the LAN passthrough.
Honestly, I’m of the opinion that your firewall should be as simple as possible, and most likely be a hardware install.
I think you will end up having headaches doing this. I did it for a while, and patching the hypervisor was a giant PITA, and there were just so many layers of software you have to maintain.
I’ve never used Proxmox, but in ESXi terms, which I’m sure follow over, you would create 2 virtual switches, one for WAN and one for LAN. There would be a WAN port group on the WAN VS, which would get an interface in pfSense, and then you can create a port group for each VLAN on the LAN VS, then just put those VMs on whatever LAN-side port group you want.
I’m running Proxmox on a Zotac Zbox Nano CI323 with a pfSense VM, a Pi-hole VM, and an Ubuntu container running Emby, and it works flawlessly.
In Proxmox you have virtual switches, which can either be completely internal or be bound to a physical network adapter. For my pfSense VM I have one virtual switch which is bound to the NIC I use to connect to the modem, and a second virtual switch which is connected to the NIC I use for LAN connections. The Pi-hole VM and Emby container are both connected to the latter virtual switch. Logically there’s no real difference from having two unmanaged switches on either side of a bare-metal pfSense box. As long as you don’t connect a VM or container to the vswitch connected to the WAN NIC, it works flawlessly.
When Proxmox first starts, it creates vswitch 0, which it also binds the management interface to. I recommend using that as your LAN vswitch and creating a second vswitch to bind to your WAN interface, which makes it easier to not mistakenly connect a container or VM to the WAN side.
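
The two-bridge layout described in the reply above, written out as a Proxmox host network configuration. This is an added example, not part of the original thread; the interface names (`enp1s0`, `enp2s0`), the addresses and the bridge name `vmbr1` are assumptions, and `vmbr0` is Proxmox's name for what the reply calls vswitch 0.

```conf
# /etc/network/interfaces on the Proxmox host (constructed example).
# Assumed names: enp1s0 = port cabled to the modem (WAN),
#                enp2s0 = port cabled to the LAN switch.
# Assumed addressing: pfSense LAN address is 192.168.1.1,
#                     the Proxmox host takes 192.168.1.2.

auto lo
iface lo inet loopback

# Physical ports carry no addresses of their own; the bridges own them.
iface enp1s0 inet manual
iface enp2s0 inet manual

# LAN bridge. It holds the Proxmox management address, and the host's
# default gateway is the pfSense LAN address, so the hypervisor reaches
# the internet through the firewall VM rather than through the WAN port.
auto vmbr0
iface vmbr0 inet static
    address 192.168.1.2/24
    gateway 192.168.1.1
    bridge-ports enp2s0
    bridge-stp off
    bridge-fd 0

# WAN bridge. "inet manual" with no address line means the host has no
# IP on the modem side: the Proxmox web UI and SSH are not reachable
# from WAN, and only the pfSense VM's WAN NIC should ever attach here.
auto vmbr1
iface vmbr1 inet manual
    bridge-ports enp1s0
    bridge-stp off
    bridge-fd 0
```

With this layout the pfSense VM gets two virtual NICs, one on `vmbr1` (WAN) and one on `vmbr0` (LAN), while every other VM or container gets a single NIC on `vmbr0`.
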
Hey fellas, I really appreciate the time you took to answer, and your input. I decided against virtualizing, although it seems like a good option, simply due to my limited understanding of doing it. I can obviously watch YouTube, but there were a couple of questions that I couldn’t confidently find answers to, and I decided on simply going with the most straightforward answer.
Took me a lil while to answer but I appreciate the input, thx again!