Hi @DDD
If you want your Proxmox to be visible to your “LAN”, just put in a free IP of the LAN eg:
192.168.0.61/24
Where 192.168.0.61 would be the Internal IP of your Proxmox.
Note:
Do NOT add in a Gateway here - Proxmox can only use one gateway!
For this reason Proxmox is available on your LAN, but will not be available over VPN, as Proxmox will use it’s default gateway.
On my Proxmox at Hetzner vmbr0 is LAN, vmbr1 is WAN…
Additional Notes:
As I understand, you also have a “Server Public IP” (Haupt-IP) and an additional Subnet of 6 usable IPs.
My Setup:
Main IP of the Server (Haupt-IP)
Additional Pool of IPs:
IP: x.x.x.248
Subnet Mask:255.255.255.248 ( /29 )
8 IPs, 6 usable.
Proxmox Network allocations:
vmbr0 = LAN 172.26.11.61
vmbr1= WAN (Haupt-IP) (Not used by any VMs!)
vmbr2 = WAN x.x.x.249 (1st IP of the Subnet - after the network address!)
My OPNsense Firewall uses vmbr2 for it’s WAN connection (WAN x.x.x.250/29).
In your case, this would need to be the RED NIC.
The GREEN NIC would be on vmbr0 in my setup.
On OPNsense I needed to set up 4 things:
- Virtual IPs
- One 2 One NAT
- Outgoing NAT
- Port Forwarding (The actual forwarding / firewall rules)
I have no idea if NethServer can handle several 1:1 NATs…
On Proxmox, the trick with vmbr2 is needed, as the additional subnet is “routed” via the main server IP, but because both IPs are in different ranges, the first one has to go to Proxmox…
Hope this helps…
My 2 cents
Andy
PS: The plan shown in the beginning of this thread is this exact setup, maybe helps in visualizing the situation…