Getting Pfsense up and running in Proxmox

lexje

Hi,

I'm seeking some help with getting started with Pfsense running virtualized in Proxmox.
As this is a bit in between Pfsense and Proxmox, I have also posted in Proxmox forum.

What I have:

• Dell Optiplex 980, with i5 cpu
• onboard nic
• 2x Intel 1 GB nic
• Proxmox 8.2.7

Here's a view of the hardware config in Proxmox:

Network detail:
For the time being, I'd like to integrate the Pfsense vm in my local network. The range is 192.168.1.0/24.
192.168.1.1 is my router, therefore I have tried to configure my WAN nic as 192.168.1.2.

I have tried as much as possible to follow the Netgate Docs. But whenever I get to the stage where Pfsense will check network connectivity, the install / connection fails.

Question:
Once exited from the installer, I land in the terminal.
What commands can I enter on the cli to:

• check availability of the NIC's
• manually check functioning of the NIC's by pinging e.g. my network modem
• manually check the MAC address that is assigned to the 2 INTEL NIC's

Any further info that might help is hugely appreciated!
If you need me to post more info, please ask.

Thanks for helping out!

image of WAN nic

image of LAN nic

viragomann

@lexje said in Getting Pfsense up and running in Proxmox:

But whenever I get to the stage where Pfsense will check network connectivity, the install / connection fails.

Can you give some more details on this?
Which state exactly?
Any error message?

I'd disable the Firewall in Proxmox, at least for the installation process.

patient0

@lexje just a reminder: please don't double post. You started the exact same topic, same Getting up and running with Pfsense in Proxmox.

@mods, can you merge the two?

lexje

@patient0
Yes, sorry, don't know exactly what happened but:

• I could not edit the message after XXX minutes, and, as I had out of precaution copiet my post content, I backed out of the message that I could not edit, created a new (reply, I think) post, and pasted the content in.
• I thought I had deleted the "incomplete" post, but I guess with browser cache or such that something went wrong.

lexje

@viragomann
Hi,
As a matter of fact I'm not very proficient with Proxmox firewall settings, I'm just reading up on it as I write this reply.

No specific error message.
As you know Pfsense walks through a number of blue terminal pop-up like screens.
In the final stage, the installer tries to check connectivity "Trying to reach the Netgate Servers" but it fails to reach them.

I must admit that the whole is rather easy to get confused, particularly if you are not really familiar with the software.

That is why I (being old school) wanted to check what network card is up in Pfsense, normally I would expect to be able to "see" the MAC address. And possibly by using ping (if the nics worked) try by pinging to find out which adapter is WAN and which is LAN.

One thing I can mention in the mean time:
I have never used hardware pasthrough in Proxmox before. I read that it would need IOMMU, but my hardware being older I set out to try and find if it supports IOMMU.
In the mean time, I have enabled ALL virtualization capabilities on my machine.
And I am working on disabling Proxmox firewall.

• Should this be disabled on the vm level only?

viragomann

@lexje said in Getting Pfsense up and running in Proxmox:

As a matter of fact I'm not very proficient with Proxmox firewall settings

The firewall can disabled in the network interface settings.

In the final stage, the installer tries to check connectivity "Trying to reach the Netgate Servers" but it fails to reach them.

So it presumably has no internet access or cannot resolve hostnames.

That is why I (being old school) wanted to check what network card is up in Pfsense, normally I would expect to be able to "see" the MAC address. And possibly by using ping (if the nics worked) try by pinging to find out which adapter is WAN and which is LAN.

Proxmox shows the MAC addresses of the NIC and you can verify them in pfSense.

You can also detach a NIC in Proxmox. pfSense should show an according message then in the console.

I have never used hardware pasthrough in Proxmox before. I read that it would need IOMMU

VirtIO NICs connected to Proxmox bridges work pretty well.

lexje

@viragomann said in Getting Pfsense up and running in Proxmox:

So it presumably has no internet access or cannot resolve hostnames.

That might be a clue..
I have a Pi-Hole in the house that does DNS, it might very well be that the setting for that is not in the WAN config..

I'll try to figure that out later. At the moment I have also opnsense running as a test (using Proxmox helper scripts).
It is also not very easy out of the box, but at least after a couple of trials it is up and running, and I can approach the web interface. Also DNS lookups from within the web-interface work properly.

What is not working (yet) is the DHCP serving on the WAN nic. I've conntected an old hub and a secondary Macbook, but the macbook does not get an IP address.

I'll report back, but it might take a while.

stephenw10

Mmm, your WAN doesn't show an IP address at all. So if you're expecting it to pull a DHCP lease from somewhere then you probably have a L2 disconnect somewhere.