Geekzone: technology news, blogs, forums


davidcole

#296186 28-May-2022 15:19

I’m trying out Proxmox as a possible replacement for my Hyper-V Windows 10 machine.

Because of reasons, I can’t use VLANs. I know why, and have tested those successfully. Ultimately I’d end up with most of my Proxmox machines on a different VLAN to my standard network.

So then I made a small container with a DHCP server that was working fine, but when I started on containers NATed in behind that DHCP server, I then came up against Proxmox firewall rules, and trying to get port forwards to work.

So then I thought, well, what about pfSense? So I set up one of those with 3 interfaces.
The WAN being my main network (192.168.10.0/24), with Proxmox bridge vmbr0. It’s on DHCP and got an address, and I put in a simple firewall rule allowing management from the WAN side.

The 2nd interface is a new bridge in Proxmox (vmbr2), with a 192.168.15.0/24 network not bridging the main Ethernet port. This is loaded into pfSense as subnet15 and has DHCP on it.

The 3rd interface is another bridge in Proxmox (vmbr3) listed as opt.

So I then have a couple of VMs and containers, where they use vmbr2 as the bridge. When they start, they get DHCP from pfSense and correctly come up on the 192.168.15 network.

And from one of the VMs, being Windows, I can connect to the other VMs in that 15 network.

My problem is port forwarding from the “WAN” side. One of the other VMs is Plex, running as default. From the Windows VM I can navigate to the Plex VM on port 32400 and can see Plex.

I have a port forward rule from the WAN to port 32400 on the Plex VM. But no matter what I do I can’t get this to work from other machines on my network. On the pfSense machine a port test from the WAN side says it’s successful. But any other machine on my network can’t hit the port forward rule.

I haven’t, now that I write this, tried a curl from the Proxmox host to port 32400 to see if that gets a response. I suspect it’s something with the bridges vmbr0 (my main LAN, which pulls from my router’s DHCP, and the WAN side of pfSense) and vmbr2.

I’m not sure what I can post here for reference, so any thoughts and I can post screenshots and configs.





Previously known as psycik

Home Assistant: Gigabyte AMD A8 Brix, Home Assistant with Aeotech ZWave Controller, Raspberry PI, Wemos D1 Mini, Zwave, Shelly Humidity and Temperature sensors
Media:Chromecast v2, ATV4 4k, ATV4, HDHomeRun Dual
Server
Host Plex Server 3x3TB, 4x4TB using MergerFS, Samsung 850 evo 512 GB SSD, Proxmox Server with 1xW10, 2xUbuntu 22.04 LTS, Backblaze Backups, usenetprime.com fastmail.com Sharesies Trakt.TV Sharesight 


davidcole


  #2919709 28-May-2022 15:25

I just tried a curl on the Proxmox host to the pfSense VM IP (192.168.10.113) on port 32400 and it gets nothing.
The port forward rule could be set up wrong, I followed my nose with it.

So if I’ve read this properly, from WAN side to subnet15 allow port 32400 to 192.168.15.11 (the Plex VM) on port 32400.









freitasm

  #2919723 28-May-2022 15:48

From port should be Any or is it always that port?

Edit: sorry, just saw it is a range.





 


davidcole


  #2919726 28-May-2022 16:09

Ohh, got it. That destination, I had SUBNET15 (which seems logical to me), but I found something saying it should be any. So I changed it to that and now putting the IP of the pfSense machine and the Plex port gets me to a Plex page.





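Why the destination field decided this, as an added sketch that is not part of the thread and is not pfSense code: a port forward matches the packet's original destination (here the pfSense WAN IP 192.168.10.113), and the WAN filter rule is evaluated afterwards against the translated address. The alias table, the client address 192.168.10.50 and the packet to 203.0.113.9 are constructed for illustration; "WAN address" is pfSense's built-in destination choice.

```python
import ipaddress
from dataclasses import dataclass

WAN_ADDRESS = "192.168.10.113"      # pfSense WAN IP from the thread
PLEX = ("192.168.15.11", 32400)     # Plex VM and port from the thread
ALIASES = {                         # constructed model of the destination choices
    "any": "0.0.0.0/0",
    "WAN address": WAN_ADDRESS + "/32",
    "SUBNET15": "192.168.15.0/24",
}

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    dport: int

def in_alias(ip, alias):
    return ipaddress.ip_address(ip) in ipaddress.ip_network(ALIASES[alias])

def port_forward(pkt, nat_destination):
    """Redirect only if the packet's ORIGINAL destination matches the rule."""
    if pkt.dport == PLEX[1] and in_alias(pkt.dst, nat_destination):
        return Packet(pkt.src, PLEX[0], PLEX[1]), True
    return pkt, False

def wan_filter_passes(pkt):
    """Filter rules run after translation, so they match the Plex VM address."""
    return (pkt.dst, pkt.dport) == PLEX

def reaches_plex(pkt, nat_destination):
    translated, _ = port_forward(pkt, nat_destination)
    return wan_filter_passes(translated)

def evaluate(nat_destination):
    # Constructed client on the 192.168.10.0/24 side hitting the pfSense WAN IP.
    client = Packet("192.168.10.50", WAN_ADDRESS, 32400)
    # Constructed packet routed via pfSense toward some other address.
    stray = Packet("192.168.10.50", "203.0.113.9", 32400)
    return {
        "client_reaches_plex": reaches_plex(client, nat_destination),
        "stray_redirected": port_forward(stray, nat_destination)[1],
    }

if __name__ == "__main__":
    for choice in ALIASES:
        print(f"{choice:12} {evaluate(choice)}")
```

In this model "any" and "WAN address" both make the forward work, but only "WAN address" limits the redirect to traffic actually addressed to the firewall.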







