Thanks a lot bmeeks.

@johnpoz Yeah that's correct, sorry. English is not my native language and i was to busy to try to not make some stupid error and so i explain bad this part sorry

@SteveITS said in pfSense Plus - licence - Proxmox Virtualization:

Correct. I believe Netgate has posted they will transfer a paid license once. I suspect the theory is most people are not changing hardware on production firewalls that often.

Thank you - sounds good. Then, I'll experiment with the CE edition all that I can to arrive at a good working form, then upgrade that to the Plus, and leave it for normal software updates.

What do the states show when you test that?

I assume that CentOS alias contains the correct two ports?

@NollipfSense
NICs are same as before.
Yes, it's a custom install using hypervisor VMM rather than Proxmox, this allows the Desktop OS Ubuntu to run natively rather than less performance as a KVM.
alt text

I changed the host OS from Disk1 to Disk2, but unsure how that could cause the error.
Anyway, the network is working after my work around, although I prefer to solve the issue for future smoother installs.

I am new here so, a moderator may kindly mark this thread as solved.
Thank you.

@eiger3970-0 said in Is remote access possible with virtualisation?:

Something to do with the ISP's CGNAT?

Look up that word in this forum.
It's known this makes NAT-not-possible.

@root1ng said in Can someone explain to me how i can do this ?:

the network card of the motherboard is disabled in the bios

Most of us who use Proxmox reserve that port for Proxmox...makes it a lot easy, and once you passthrough the PCIe NIC in your setup, Proxmox won't have a gateway. Please visit here: https://docs.netgate.com/pfsense/en/latest/recipes/virtualize-proxmox-ve.html

Hi,
Thanks for sharing that issue. I've exactly the same. Took long time to define the issue.
So, on Proxmox 8 at least, when installing pfsense in a standard way without UEFI, we are able to start the firewall and so on. issue is that when restarting on Proxmox 8, pfsense doesn't restart (note that if trying multiple time, seems some of the versions may restart. So, consider it also as a random issue).
Point of attention may be that it is working fine under Proxmox 6. Absolutely no issues with that version.

@Bob-Dig I got it to work! I think it was a conflict with trying to force a static IP on that LAN adapter. Allowing it to automatically get IP fixed it. I knew I was over complicating something. Much appreciated!

I don't use HAProxy, I couldn't really say how that might affect it. But anythijng that applied to I would expect to equally affect traffic from external IPs and it is not. The only significant difference there is the source IP used which I guess some of those might see. But I wouldn't expect a delay, it would just reject it instantly.
Just how 'slow' is it from internal clients?

@SteveITS cheers :-) muchly appreciated

That leaves me with the other option of me at some point configuring the OPT1 and OPT2 rules, in a way which I wouldnt normally configure them, then forgetting about it. Trip to the docs on the cards......

Labbing multiple scenarios and builds can mess with your head - at least I have an answer now!

@john24634
So you might want to be able to communicate with the outside world without limits.

So you should create a bridge in Debian first and then connect the VM to the bridge.

NAT means that the VM is on another subnet and the host nats the traffic.
Isolated means that the subnet cannot talk to the outside world, but only to other VMs, which are connected to the same virtual network.

Consider that you can add multiple virtual interface to the VM even if you have only a single physical NIC. For instance an isolated network to communicate with other VMs.

@DEHAAS I had a similar problem with a windows vm in proxmox. So I guess this is not specific to the VM OS, just Proxmox.

@eiger3970-0 I have never used OpenVPN because I don't allow any access to my internal network from the Internet, I just know that such access is best achieved through a VPN. I can't help you with OpenVPN config.

Regarding passing through the NIC, this is straightforward and explained here. After IOMMU setup, simply add a new PCI Device to your pfSense VM and pick your NIC [port] from the list. After rebooting pfSense, re-run the network configurator and choose the passed-through device as your WAN interface. Note: this directly connects the NIC (port) device to your pfSense VM, it will no longer be available to any other VM - this is usually preferable because everything on the local network should be behind the firewall.

The best way to intuitively understand VPNs is by imagining that the Internet doesn't exist and you have a really long Ethernet cable connecting the external device directly to the internal network i.e. it should pick up an internal IP address from your LAN's DHCP server.

Another point about OpenVPN in particular is that it supports 'split-tunnelling', which means that you can choose which traffic on your external device is routed through the VPN. All traffic is the default option but remember that this will increase latency and use up more of your home network Internet bandwidth. Maybe you only want Remote Desktop type software to route through, or SSH apps?