4. [Set Your Own Price] Proxmox pfSense Config

[Set Your Own Price] Proxmox pfSense Config

  • P

    Hi everyone! Thanks for taking the time to read my post.

    I've been trying to set this up for a while now and seem to keep running into brick walls, so I figured I may as well try and find someone who's better at this than I. Here's a rundown of my current situation:

    I currently rent a bare-metal server on which I have Proxmox running and three (3) available public IP addresses. I've been trying to set everything up in such a way that Proxmox will have 1 pub. IP while pfSense takes another. pfSense should also be running a DHCP server to assign private IPs for a LAN that should be using the firewall's IP address as a public IP.

    While I managed to get pfSense up and running on the public IP and apparently assigning LAN IPs, none of my VMs which are connected to the LAN interface can connect to the outside world, though I can ping the host machine and firewall (and could even access SSH on a previous attempt somehow). I'm looking for someone to properly set this up. I estimate that it shouldn't take long at all, especially since things are mostly set up, but I defer to you guys. I don't know what a fair payment for something like this would be, but I'm open to hearing what you consider a fair price for your time and expertise.

    Thanks again for all of your time.

    Best,
    P.

    0
  • J

    Hmm… The symptoms you describe are similar to the ones I see on a default XenServer install, it needs a few tricks to work.

    It might be VirtIO interfaces causing problems but I have no clue on how Proxmox works. Further research will be needed.

    I've found this related guides:
    https://web.archive.org/web/20160313055119/http://www.kaven.no/nb/blog/1510/dual-nic-proxmox-ve-40-beta-and-pfsense-22
    https://doc.pfsense.org/index.php/VirtIO_Driver_Support
    https://forum.pfsense.org/index.php?topic=88467.0

    You'll probably be able to work out something.

    0
  • J

    Did some testing today.

    Basically all you need to do is Disable hardware checksum offload under System > Advanced > Networking and reboot pfSense manually.

    0
  • L

    Hi,
    is there a way, how this can be done via shell?
    I mean the other option is to change the proxmox virtIO device to E1000, go into the GUI disable it, and change it back to virtIO.
    But this should be also possible per config file, via shell..?

    0
  • T

    You can edit config.xml via the shell using the command viconfig. I just tried toggling the setting on my system and did a diff between on and off.

    Before checking the option:

    After checking the option:

    
		<disablechecksumoffloading></disablechecksumoffloading>
		<ip_change_kill_states></ip_change_kill_states>

    Hope that helps you.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy