How to setup this network?
-
Hello,
I'm new in virtualization and pfsense firewalls, so my question is maybe something simple, but I really need help with this network setup. You can see desired network design on image http://s17.postimg.org/qax926pv3/Network2.png or attach
So, there is one KVM host (CentOS7) with few virtual machines on LAN on segment 192.169.1.x.
In front of this LAN is pfsense VM .
There is one physical adapter in KVM host, connected to ADSL router via Ethernet (wired).
There are few other PCs connected to same router, wireless.Final goal is to have connectivity between VMs and internet and VMs and physical machines on wireless.
Some ports of VMs will be exposed to Internet, but that's second phase.
I will appreciate any help on this topic and I'm almost sure that complete answer to this question can be small tutorial useful for many users.
-
What exactly do you need help with.. Turning on pfsense that works.. Only thing you could have issues is the physical network pfsense "wan" is connected to can not be the same its lan is on.. 192.168.1 would not work for both wan and lan in pfsense.
That not how I would set it up.. Why do you not move that wifi behind pfsense on a different segment.. Also do you plan on pfsense natting between your vm network and your physical network? If not you run into an asynchronous routing issue between devices on pfsense wan network and lan network.
-
I need help with pfsense setup. I'm not sure if I understand your remark about Ip adresses, so you can suggest any change except changes on adsl router.
-
What do you need help with.. That setup would work out of the BOX… Except you can not have both 192.168.1.0/24 on pfsense WAN and on its lan... Change pfsense lan and the vm on it to say 192.168.2.0/24
-
also KVM might not be the best hypervisor to run pfsense on (performance wise)
https://forum.pfsense.org/index.php?topic=88467.0 -
pfsense WAN is on 192.168.10.x . Performance is not issue here, this is just testing environment. Just one more question and then I will try to setup. I shoud use physical adapter for WAN and virtual adapter for LAN on pfsense. right?
-
if pfsense wan is on 192.168.10 then your fine – your drawing was pretty small, couldn't really make out what that was at first look looked like 192.168.1 on wan as well.
Well if you want pfsense wan to be tied to your physical network, then yes in your VM software that needs to happen be it you passthru the physical to pfsense, or bridge it with vnic on pfsense for the wan, etc. I am not really 100% on how KVM does its networking.
How exactly are you going to manage the KVM machine? In esxi I would just connect that physical nic to a vswitch, in the pfsense a vnic connect to that vswitch would be the wan interface for pfsense. On the lan side I would create a vnic for lan tied to a vswitch for lan to connect the other vms too.. But just would not connect a physical nic on the vm host to this lan vswitch.
Out of the box pfsense does not allow access to its web gui via its wan, so you would either have to allow that or hit the pfsense webgui from one of the vms on its lan side.
-
I think that my problem is pfsense related. Which adapter on pfsense should be used for wan and which for LAN? And how to bridge everything to physical adapter (if I have to bridge).
Initially I have one re0 adapter on pfsense VM downloaded from pfsense.org. should I add second adapter. Maybe some of my questions are stupid one, but I think I'm close to solution, so if somebody knows answers, feel free to contribute.
-
How is 1 adapter going to work?? When you clearly have 2 in your drawing.. As to how to setup networking in KVM, your going to have to ask KVM forums/docs
Maybe someone help you in the virtual section of this forum, not sure why your post was not there to begin with?
More than happy to walk you through how to do it on esxi.. But like I said before not 100% how how things done in KVM.. As heper mentioned that might not be the best choice for vm pfsense. I can tell you with esxi its a no brainer and stable as all get out and performance is good.. Why are you picking KVM if you are not sure how to setup its network??
