Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    [Set Your Own Price] Proxmox pfSense Config

    Scheduled Pinned Locked Moved Bounties
    5 Posts 4 Posters 2.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      ppacheco
      last edited by

      Hi everyone! Thanks for taking the time to read my post.

      I've been trying to set this up for a while now and seem to keep running into brick walls, so I figured I may as well try and find someone who's better at this than I. Here's a rundown of my current situation:

      I currently rent a bare-metal server on which I have Proxmox running and three (3) available public IP addresses. I've been trying to set everything up in such a way that Proxmox will have 1 pub. IP while pfSense takes another. pfSense should also be running a DHCP server to assign private IPs for a LAN that should be using the firewall's IP address as a public IP.

      While I managed to get pfSense up and running on the public IP and apparently assigning LAN IPs, none of my VMs which are connected to the LAN interface can connect to the outside world, though I can ping the host machine and firewall (and could even access SSH on a previous attempt somehow). I'm looking for someone to properly set this up. I estimate that it shouldn't take long at all, especially since things are mostly set up, but I defer to you guys. I don't know what a fair payment for something like this would be, but I'm open to hearing what you consider a fair price for your time and expertise.

      Thanks again for all of your time.

      Best,
      P.

      1 Reply Last reply Reply Quote 0
      • J
        JorgeOliveira
        last edited by

        Hmm… The symptoms you describe are similar to the ones I see on a default XenServer install, it needs a few tricks to work.

        It might be VirtIO interfaces causing problems but I have no clue on how Proxmox works. Further research will be needed.

        I've found this related guides:
        https://web.archive.org/web/20160313055119/http://www.kaven.no/nb/blog/1510/dual-nic-proxmox-ve-40-beta-and-pfsense-22
        https://doc.pfsense.org/index.php/VirtIO_Driver_Support
        https://forum.pfsense.org/index.php?topic=88467.0

        You'll probably be able to work out something.

        My views have absolutely no warranty express or implied. Always do your own research.

        1 Reply Last reply Reply Quote 0
        • J
          JorgeOliveira
          last edited by

          Did some testing today.

          Basically all you need to do is Disable hardware checksum offload under System > Advanced > Networking and reboot pfSense manually.

          My views have absolutely no warranty express or implied. Always do your own research.

          1 Reply Last reply Reply Quote 0
          • L
            logo78
            last edited by

            Hi,
            is there a way, how this can be done via shell?
            I mean the other option is to change the proxmox virtIO device to E1000, go into the GUI disable it, and change it back to virtIO.
            But this should be also possible per config file, via shell..?

            1 Reply Last reply Reply Quote 0
            • T
              TauCeti
              last edited by

              You can edit config.xml via the shell using the command viconfig. I just tried toggling the setting on my system and did a diff between on and off.

              Before checking the option:

              After checking the option:

              
              		<disablechecksumoffloading></disablechecksumoffloading>
              		<ip_change_kill_states></ip_change_kill_states>
              
              

              Hope that helps you.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.