Proxmox Home Lab Setup

This post is to get the initial lab setup - I will delve into desired firewall rule configuration for safe labbing in my next post. Will also cover SPICE installation for quality of life connections to your VM's. Other honorable mentions is setting up your AD environment - if you have never had to do that before we will cover some gotcha's like making sure your DC is your time server for the computers in your domain as properly reflecting correct time throughout is critical for proper analysis.

Next steps are setting up our Wazuh SIEM on Kali Purple and Velociraptor for memory dump analysis.

Proxmox VE https://www.proxmox.com/en/ - is a bare-metal hypervisor and a perfect platform choice for your home lab setup! I found my hardware choice on https://pcserverandparts.com/ for less than $500. A worthy investment if you plan to run multiple VMs in tandem for your simulations.

For convenience you can do this with the GUI now but once you install Proxmox successfully I recommend switching your update repository target away from the enterprise one as that is the default setting. You simply hit the add button and select the pve-no-subscription and disable the enterprise. Go back to Updates and hit Refresh followed by Upgrade and you will start pulling updates successfully.

Dump all your desired ISO's into your local drive image repository and you are ready to rock. You are going to need the VirtIO driver specifically for Windows machines. https://pve.proxmox.com/wiki/Windows_VirtIO_Drivers

I am using pfSense for my firewall as should you. I recommend configuring your Proxmox Networking before building your VM's. I start with this and typically the first VM I build after is the pfSense to start mapping out my desired VLAN configuration. I will allow all VM's built out through to the internet initially for convenient updating but afterward is when we drill into firewall rules to make sure hosts aren't talking to those they shouldn't.

Before you are able to recreate what you see pictured below you are going to need to open up the console and install openvswitch in order to get the OVS Bridge option when setting up your logical network.

apt install openvswitch-switch

Create your 3 VLANs as OVS IntPorts and then you create your OVS Bridge with the three ports you created.

Pictured above is my attachment of these logical ports to my pfSense VM. Below are the interfaces defined in pfSense. Noting the WAN is on same network segment that the Proxmox host is sitting on. Define your DHCP IP ranges for your VLANs. If you notice the pattern the vtnet1 is the same as net1 defined in Proxmox making the SOLVINGTECH lan my VLAN10 and so on.

You will know you are successful when you build out a VM and attach the corresponding VLAN as the network device and once spun up you're getting an IP from that DHCP pool.

Page updated

Report abuse