I'm currently running OPNsense virtualised in Proxmox. It's a little confusing if you haven't run a custom firewall before but the setup was relatively simple and works flawlessly now that I understand it a bit better. The only downside being if you are running it on the same machine as your services need to restart your network will go down as well.

I had a bad experience with a pfSense VM once when I was still learning.

I was using that pfSense VM as my core router for my lab and got into a bit of a bootstrap problem after a long power outage because everything in my lab relied on DV switches through vSphere (which I couldn't manage and couldn't 'see' the hosts). After a tedious recovery, I pulled pfSense back to a physical box.

Lessons learned: always keep your core network router separate from anything that depends on it. lol. I do still use virtual pfSense for dev environments, though.

I run opnsense, which has a long a storied history with pfsense and in my opinion is better, on a VM in proxmox.

I have a cluster of three servers and I can live migrate the VMs around to do maintenance. It gets backed up to proxmox backup server so restoring from a bad upgrade, which I’ve never had happen, or severe experimentation, which happens frequently, is simple.

It’s also one less device to power on, and pay for. My cluster is running regardless and every watt less helps keep my wife happy.

I’ve never had any issues that I could attribute to it being run in a VM. It does my 1gbe fiber and a dozen vlans with no issues.

What hardware did you buy? I'm looking at building a new box for proxmox. Currently I'm using an old laptop with an extra ethernet port dongle to run proxmox and virtualize opnsense, unifi controller and a couple other lvms. From others posts i read, i the choice between bare metal or virtualized seems personal. I went with proxmox just to learn a thing or two about vm environments and its applications.

I currently use VyOS with it hosted on proxmox. I pass-through a 4-port network card and I get my full internet speed. It should be similar, but I will say it is nice being able to host other things on the proxmox host such as pihole. I keep only the router functions and core functions there, with another machine for other services

I run pfSense virtualized along with a wireguard vm and a couple of other vms for core services. A benefit of virtualization is that you can live migrate your router to another physical host if you ever need to do any hardware maintenance. It's nice being able to service the hardware without waiting until every user is asleep so you can safely bring your router down.

Thank you @coffelov for your timely post - I was going to post a very similar question myself today. What sort of hardware are you considering to use for your pfsense server?

There are a lot of possible solutions that could be suitable, wondering what sort of hardware you were thinking about.