Hi,
I believe with just one port for opnsense (on a min-pc) we can still do vlans (with tagging I believe?) but how effective is that for segregating and isolating proxmox machines?
Say I want to keep a VPN machine isolated, from other virtual machines? How would you do that? Do you have any tips for running such a system?
If the opnsense interface on the WAN VLAN has a public routable IP address there shouldn’t be a problem with double NAT. Double NAT should only be a problem if they have a crappy ISP that’s using CGNAT.
Edit: never mind, I reread your comment. We’re saying the same thing essentially.