Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Proxmox and securing host

    Scheduled Pinned Locked Moved Firewalling
    2 Posts 2 Posters 544 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Z
      zuperman
      last edited by

      I have successfully installed pfsense on proxmox. Great stuff, only 2W more compared to a dedicated hardware for PFSense.

      PFsense & DSL modem (bridge mode) is working.
      2 LAN ports on the motherboard, one for LAN with a static IP assigned and the other one with DHCP for the DSL modem.

      Question: do I need to additionally secure the proxmox host? I have not configured any firewall on the host, just in pfsense.

      1 Reply Last reply Reply Quote 0
      • ?
        A Former User
        last edited by

        Well it's up to you really.
        I have the same setup, Proxmox with a pfSense guest and that guest gives me my Internet access.
        I haven't bothered to do anything else to secure the Proxmox box.

        My thinking is that vmbr0 has only two connections in it, the physical port on my KVM box and the WAN port of pfSense.  It has no listening IP or Layer3 connectivity, so I don't see how the network could really be placed at risk.  Of course if I accidentally put an IP address on that vmbr0 then it could be, but I have PPPoE over the top anyway so there's still an additional layer of no-access.

        Really it's up to you.  If your network is very critical and security is a A1+ must, then most people would suggest a seperate physical firewall for proper isolation.  However if like me you're a home setup then I think you'll be fine as long as you keep a tight reign on your firewall rules.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.