[PVE-User] Single host with public access to VM only
Gilles Mocellin
gilles.mocellin at nuagelibre.org
Mon Jul 7 15:46:41 CEST 2014
Le 07/07/2014 15:30, jon at whiteheat.org.uk a écrit :
> Hi,
>
> I have single box Proxmox setup, with 1 public IP on the host, and
> several VMs with private IPs, using Shorewall on the host to port-forward.
>
> What I'd like is 1 VM, with 2 interfaces running pfsense, with public and
> private IPs. Thus, being able to disable public access directly to the
> host, and instead giving it a private IP.
>
> So, what's the best way to do this?
I'm doing that, but not with pfSense.
You need another public IP address, which you assign to your pfsense VM,
on an interface bridged to the host's one (vmbr0 should do).
All your DMZ VMS should be bridge to an independent bridge vmbr1, where
you bridge the second interface of your pfSense VM.
If you can't have a second public IP, you will be in the same position
as you are now, redirecting some traffic arriving in the host to the
pfSense VM...
More information about the pve-user
mailing list