pfsense inside Proxmox
-
You should be able to access it if you followed instructions correctly. In the guide it shows you how to create two bridges, LAN and WAN. You should be able to access it via LAN assuming everything is correctly configured. Are the two bridges marked active?
-
Thanks for reply, ivor
I haven't installed it yet, just wanted to know prior installation. So basically Proxmox will receive an IP address from pfsense's DHCP server, and it will be accessible from LAN side (PC behind WiFi router, connected to LAN, for example)?
-
It'll make more sense once you actually start working on it :)
Your proxmox will have two NIC's, and once you assign the bridges to LAN / WAN, simply plug in to LAN and you will be able to access pfSense.
-
@ivor said in pfsense inside Proxmox:
simply plug in to LAN and you will be able to access pfSense.
Once again :) I was asking about access to Proxmox server from LAN, not the pfsense...
-
Use a network bridge on Proxmox for LAN and assign an IP address to it.
-
@viragomann
Thank you, will try -
@dave-opc Sorry! I missed the "will the Proxmox itself be accessible" part. @viragomann is correct there.
-
@dave-opc I would recommend against the proxmox host receiving its ip from a VM its running, that way lies madness ... especially when you reboot the host and it can't acquire an ip as the VM isn't running.
Static ip for the proxmox host. If you want everything on the same subnet with pfSense handing out IP's then reserve the proxmox host IP's in pfSense. Everything thats on the LAN side of pfSense will be able to access each other.
Will pfSense be handling your WAN connection as well?
nb. I'm just finishing migrating our WAN gateway to pfSense virtualised on a proxmox cluster. No issues with access to proxmox and clients.
-
@blackpaw29
That makes sense. -
@blackpaw29
The Proxmox machine is a server. It's never a good idea to have a dynamic IP on a server, of course.The Proxmox host machine should have a static IP in the LAN where also your management PC has an IP. So there's no need to have the virtualized firewall up and working to get access to the host machine.
