Le 07/07/2014 15:30, [email protected] a écrit : > Hi, > > I have single box Proxmox setup, with 1 public IP on the host, and > several VMs with private IPs, using Shorewall on the host to port-forward. > > What I'd like is 1 VM, with 2 interfaces running pfsense, with public and > private IPs. Thus, being able to disable public access directly to the > host, and instead giving it a private IP. > > So, what's the best way to do this?
I'm doing that, but not with pfSense. You need another public IP address, which you assign to your pfsense VM, on an interface bridged to the host's one (vmbr0 should do). All your DMZ VMS should be bridge to an independent bridge vmbr1, where you bridge the second interface of your pfSense VM. If you can't have a second public IP, you will be in the same position as you are now, redirecting some traffic arriving in the host to the pfSense VM... _______________________________________________ pve-user mailing list [email protected] http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user
