pfSense on Dell Optiplex with Proxmox
-
Hi all, I've purchased a Dell Optiplex SFF and have put a 4 NIC card in it. I've installed proxmox on it and the plan was to then install pfSense on it.
The plan is to have pfSense as the WAN link from my FTTP box and removing my modem that I currently have and put it in bridge mode for wireless AP. If I go this route, how can I ensure that Proxmox isn't exposed to the internet, would it be best to have one dedicated NIC as the WAN and assigned to pfSense?
Once I have this setup, I will then be looking to implement a few VLAN's as per the below:
VLAN 10 - General (desktops, laptops, server and nas
VLAN 20 - Cameras
VLAN 30 - WirelessI imagine that I will need to have the appropriate VLAN's setup and configured in pfSense and then the appropriate tagging on my switch (TP-Link layer 2).
Also, would it be possible to have pfSense on my server and have it for HA or would it not be worth it without another internet connection?
Open to any feedback, thank you.
-
@anotherguy82 Tons of people run pfsense virtualized on Proxmox and I think the most common setup is to have dedicated NIC's for both WAN and LAN. And the preferred setup is to do passthru (IOMMU) of those NICs so that pfsense is the only machine accessing them (giving optimal performance).
So you assign two out of your four NIC's to pfsense and the others will be available to Proxmox and your VM's. Nothing other than pfsense WAN is exposed to the internet.
You have to make sure virtualization is enabled in the Optiplex BIOS to make this work though.
On the topic of VLAN's, yes your TP-Link Layer 2 switch will support that perfectly fine.