Use case: Remote truenas (scale) box connecting to local truenas (scale) instance to receive snapshots (from local truenas).
truenas scale 24.10.1
pfsense plus 24.11
I’m only permitted outbound capability at remote site. Remote TN configured to connect to my FQDN via wireguard.
Question is, do I:
- let pfsense handle the wireguard connection then route traffic (via firewall rule) to the TN instance
- configure local truenas instance wireguard to accept remote peer. Configure pfsense only for wireguard port forwarding
Both truenas and pfsense exist as VMs on the same proxmox device with the same number of vCPUs assigned (4).
The only benefit I see is possibly less CPU use, as pfsense (freebsd) is not very efficient when virtualized (high CPU at line speeds).
What are the pros/cons of each arrangement?