Hi,
I use pfSense at the head of my intrastructre and I have a block of 16 public IPs at my disposale.
In pfSense, I have added all the IPs in Firewall -> Virtual IPs.
My question now is, how do I give a VM inside an xcp-NG cluster a public IP?
Thank you
You just assign it and do the routing with pfsense, but do you really want the public IP’s on each server? Why not NAT them through pfsense and only open the ports necessary?
Hi,
I will only have 2 VM with public IP as they will be my client’s ‘VPS’
The rest of the vm are all NAT via pfSense.
When you say ‘do the routing with pfsense’ do you mean creating a static route?
Not static route, but pfsense can do public IP on the other interfaces, you can learn more about that here:
https://docs.netgate.com/pfsense/en/latest/book/firewall/methods-of-using-additional-public-ip-addresses.html