Hi,

I believe with just one port for opnsense (on a min-pc) we can still do vlans (with tagging I believe?) but how effective is that for segregating and isolating proxmox machines?

Say I want to keep a VPN machine isolated, from other virtual machines? How would you do that? Do you have any tips for running such a system?

  • mangaskahn@lemmy.world
    link
    fedilink
    English
    arrow-up
    2
    ·
    edit-2
    11 months ago

    If the opnsense interface on the WAN VLAN has a public routable IP address there shouldn’t be a problem with double NAT. Double NAT should only be a problem if they have a crappy ISP that’s using CGNAT.

    Edit: never mind, I reread your comment. We’re saying the same thing essentially.