Netgate Discussion Forum

Hetzner Proxmox host + pfSense vm networking

    booruszuru
    last edited by Aug 24, 2020, 6:55 PM

    Hello all, I can't seem to make this work as I try to follow the guide here: https://dannyda.com/2020/06/09/how-to-configure-nat-network-for-virtual-machine-vm-guest-os-on-proxmox-ve-6-2-pve-easily-works-for-vmware-esxi-too/

    I have a dedicated server with main IP
    178.**.**.75
    and ordered a second IP for pfSense
    178.**.**.79
    I also ordered a subnet /29 for my VMs to get it from pfSense
    88.**.***.40 to 88.**.***.47

    Now my interfaces file is this:

    auto lo
    iface lo inet loopback
    
    iface lo inet6 loopback
    
    auto enp3s0
    iface enp3s0 inet static
    	# Hetzner Main IP
    	address 178.**.**.75/32
    	gateway 178.**.**.65
    	pointopoint 178.**.**.65
    
    iface enp3s0 inet6 static
    	address 2a01:4f8:120:82f8::1/128
    	gateway fe80::1
    	up sysctl -p
    
    auto vmbr0
    iface vmbr0 inet static
    	# Hetzner Main IP
    	address 178.**.**.75/32
    	bridge-ports none
    	bridge-stp off
    	bridge-fd 0
    	bridge-maxwait 0
    	# Second IP for pfsense
    	up ip route add 178.**.**.79/32 dev vmbr0
    	# subnet
    	up ip route add 88.**.***.40/32 dev vmbr0
    	up ip route add 88.**.***.41/32 dev vmbr0
    	up ip route add 88.**.***.42/32 dev vmbr0
    	up ip route add 88.**.***.43/32 dev vmbr0
    	up ip route add 88.**.***.44/32 dev vmbr0
    	up ip route add 88.**.***.45/32 dev vmbr0
    	up ip route add 88.**.***.46/32 dev vmbr0
    	up ip route add 88.**.***.47/32 dev vmbr0
    	# subnet
    	
    iface vmbr0 inet6 static
    	address 2a01:4f8:120:82f8::2/64
    
    auto vmbr1
    iface vmbr1 inet manual
    	bridge-ports none
    	bridge-stp off
    	bridge-fd 0
    

    The problem is that when I configure my LAN using the second IP I can't ping the host, but if I use any of the usable IPs from the subnet I can ping it and can access the pfSense dashboard.

    Can anyone help me out please? I am going crazy with this.

      chrcoluk
      last edited by chrcoluk Aug 28, 2020, 4:03 PM Aug 28, 2020, 3:44 PM

      I have a pfSense VM on a Proxmox Hetzner host; I don't route IPs from it though, but use NAT instead.

      However, I can tell you I don't have any ip route in the interfaces file for the pfSense IP.

      So the setup is something like this.

      vmbr0 is the WAN switch. The physical WAN is connected to it.

      So there is no need for Proxmox to route IPs for guests.

      So remove the ip route commands.

      Put the 178 * 79 IP on pfSense, and use the Hetzner-assigned gateway IP for it. Make sure this is connected to vmbr0; this should be enough to get pfSense internet access.

      I have never done a routable WAN IP setup behind pfSense for IPv4 though, so it needs someone else to chime in for that, but I don't think they should be routed on Proxmox either. Hopefully someone can help you on that step.

      Update

      I had a look at this.

      https://docs.netgate.com/pfsense/en/latest/book/routing/routing-public-ip-addresses.html

      So I would try this.

      Add a 2nd virtual NIC to pfSense, connect it to vmbr0.

      Add the first routable IP to the 2nd NIC, set no gateway.

      Follow the rest of the guide.

      pfSense CE 2.7.2
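
A small lint for the two points raised in this thread, as an added example that is not from either poster: it flags end-of-line comments on option lines (ifupdown only accepts comments on a line of their own) and `up ip route add` hooks on a bridge with `bridge-ports none`, which the reply suggests removing. The sample file, its RFC 5737 addresses and the function names are constructed for illustration.

```python
import re

# Constructed sample modelled on the posted file; addresses are RFC 5737
# documentation placeholders, not the poster's masked values.
SAMPLE = """\
auto enp3s0
iface enp3s0 inet static
    address 192.0.2.75/32 # main IP
    gateway 192.0.2.65

auto vmbr0
iface vmbr0 inet static
    address 192.0.2.75/32
    bridge-ports none
    up ip route add 192.0.2.79/32 dev vmbr0
    up ip route add 198.51.100.40/32 dev vmbr0
"""

# Hook options are handed to the shell, where '#' is a normal shell comment.
HOOKS = {"up", "down", "pre-up", "post-up", "pre-down", "post-down"}

def parse(text):
    """Return {iface: [(lineno, option, value), ...]} for every iface stanza."""
    stanzas, current = {}, None
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank lines and whole-line comments are valid
        word, rest = (line.split(None, 1) + [""])[:2]
        if word == "iface":
            current = stanzas.setdefault(rest.split()[0], [])
        elif word in ("auto", "allow-hotplug", "source", "mapping"):
            current = None  # these lines end the current iface stanza
        elif current is not None:
            current.append((no, word, rest.strip()))
    return stanzas

def lint(text):
    """Return a list of (lineno, finding) tuples in file order per stanza."""
    findings = []
    for name, opts in parse(text).items():
        ports = [v for _, o, v in opts if o in ("bridge-ports", "bridge_ports")]
        for no, opt, val in opts:
            if opt not in HOOKS and "#" in val:
                findings.append((no, "inline-comment"))
            if opt == "up" and re.match(r"ip\s+route\s+add\b", val) and ports == ["none"]:
                findings.append((no, "host-route-on-portless-bridge"))
    return findings
```

Running `lint()` over a copy of `/etc/network/interfaces` before `ifreload` or a reboot shows which lines to review; the second finding is a prompt to check the design, not proof of a fault.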
