Skip to main content

Public VM Connectivity on Hetzner via PfSense

How to provide public IP connectivity to Proxmox VMs using PfSense as a gateway on Hetzner dedicated servers. Covers three methods: single extra IP with MAC reservation (full guide including PfSense setup), extra subnet routed to the host, and Hetzner vSwitch — with Methods 2 and 3 documented as deltas against Method 1.

Overview — Choosing Your Method

Diagram

Method 1 — Single Extra IP with MAC Reservation

OverviewHetzner allows you to order a single additional IPv4 and bind it to a virtual MAC address...

Method 2 — Extra Subnet Routed to Host

OverviewThis is the setup I run in my own lab — the one documented throughout this book with the ...

Method 3 — Hetzner vSwitch

OverviewBe honest with yourself before setting this up: if you're running one server, you don't n...

Why we do it this way

The whole reason this book exists comes down to one upstream rule: the network only forwards traf...

Lessons learned & gotchas

The single-MAC rule is the gotcha that catches everyone. A VM that "has no network" on a public ...
Back to top