cloudflare · marciocloudflare · Jul 21, 2025 · Jun 24, 2025 · Jun 24, 2025 · Jun 24, 2025
@@ -1,6 +1,7 @@
 ---
 pcx_content_type: how-to
-title: Configure virtual Connector
+title: Configure Virtual Connector
+description: Learn how to configure Magic WAN Virtual Connector on VMWare ESXi or Proxmox Virtual Environment
 sidebar:
   order: 4
 ---
@@ -14,7 +15,7 @@ import { Render } from "~/components";
 	productName: "Virtual Connector",
 	wan: "needs to correspond to the virtual network interface on the Virtual Connector instance you have set up in VMware. Following our example from the previous steps, you need to choose port `1` since that is what corresponds to the `eno1` port we set up in VMware.",
 	lan: "needs to correspond to the virtual LAN interface on the Virtual Connector instance you have set up in VMware. Following our example from the previous steps, you need to choose port `2` since that is what corresponds to the `eno2` port we set up in VMware.",
-	noConnectorShows: "For a Virtual Connector to show up you need to have already obtained your [OVA package and licence keys](#obtain-the-virtual-connector-image).",
+	noConnectorShows: "For a Virtual Connector to show up you need to: <br /><ul><li><strong>VMWare:</strong> Have already obtained your OVA package and license keys if you are installing on VMWare.</li><li><strong>Proxmox:</strong> Have already obtained your Virtual Connector Script and license keys if you are installing on Proxmox.</li></ul>\nFor more information, refer to [Configure a virtual machine](#configure-a-virtual-machine) and select the appropriate tab.\n",
 	shippedLanguage: "Virtual Magic WAN Connector is deactivated after you install it",
 	hardSoftConn: "You need to install two Virtual Connectors before you can set up a site in high availability.",
 	finalInstructions:  "Follow the instructions in [Activate Connector](#activate-connector) to finish setting up your Connectors."

@@ -10,11 +10,11 @@ params:
   - finalInstructions
 ---
 
-import { AnchorHeading, Aside, Card, Code, GlossaryTooltip, Markdown, Render, TabItem, Tabs } from "~/components";
+import { AnchorHeading, Aside, Card, Code, GlossaryTooltip, Markdown, Render, Tabs, TabItem } from "~/components";
 
 { props.magicWord === "virtual" && (
 	<>
-		<p>Virtual Magic WAN Connector (Virtual Connector) is a virtual appliance alternative to the hardware based Magic WAN Connector appliance. These two versions of Connector are identical otherwise.</p>
+		<p>Virtual Magic WAN Connector (Virtual Connector) is a virtual appliance alternative to the hardware based Magic WAN Connector appliance. These two versions of Connector are identical otherwise.</p> <p>Currently, you can set up Virtual Connector on VMWare ESXi and Proxmox Virtual Environment. Support for Proxmox is in beta.</p>
 	</>
 	)
 }
@@ -39,7 +39,7 @@ import { AnchorHeading, Aside, Card, Code, GlossaryTooltip, Markdown, Render, Ta
   <>
 		<Markdown
 		text={`
-		Before you can install Virtual Connector, you need an Enterprise account with Magic WAN enabled. Additionally, you need to have a VMware host with sufficient compute, memory, and storage to run the virtual machine with Virtual Connector. This includes:
+		Before you can install Virtual Connector, you need an Enterprise account with Magic WAN enabled. Additionally, you need to have a VMware or Proxmox host with sufficient compute, memory, and storage to run the virtual machine with Virtual Connector. This includes:
     - Intel x86 CPU architecture
     - ESXi hypervisor 7.0U1 or higher
     - 4 virtual CPUs per virtual connector (We recommend deployment with a 1:1 virtual CPU to physical core allocation to avoid CPU over contention which will cause packet loss.)
@@ -48,7 +48,9 @@ import { AnchorHeading, Aside, Card, Code, GlossaryTooltip, Markdown, Render, Ta
     - One vSwitch port group or VLAN with access to the Internet (for example, through a WAN)
     - One or more vSwitch port group or VLAN that will be the internal LAN
 
-    Refer to [VMware's documentation](https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.esxi.install.doc/GUID-B2F01BF5-078A-4C7E-B505-5DFFED0B8C38.html) for more information on how to install ESXi and configure a virtual machine.
+    If you are installing Virtual Connector on ESXi, refer to [VMware's documentation](https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.esxi.install.doc/GUID-B2F01BF5-078A-4C7E-B505-5DFFED0B8C38.html) for more information on how to install ESXi and configure a virtual machine.
+
+		If you are installing Virtual Connector on Virtual Environment, refer to [Proxmox documentation](https://www.proxmox.com/en/products/proxmox-virtual-environment/get-started) for more information on how to install Virtual environment and configure a virtual machine.
 		`}
 		inline={false}
 		/>
@@ -65,11 +67,11 @@ There are a couple of decisions you need to make when installing your {props.pro
 
 ### Determine the need for a high availability configuration
 
-You can install up to two {props.productName}s for redundancy at each of your sites. If one of your Connectors fail, traffic will fail over to the other Connector ensuring that you never lose connectivity to that site.
+You can install up to two {props.productName}s for redundancy at each of your sites. If one of your Connectors fails, traffic will fail over to the other Connector ensuring that you never lose connectivity to that site.
 
 In this type of high availability (HA) configuration, you will choose a reliable LAN interface as the HA link which will be used to monitor the health of the peer connector. HA links can be dedicated links or can be shared with other LAN traffic.
 
-You must decide the type of configuration you want for your site from the beginning: no redundancy or with redundancy. You cannot add redundancy after finishing configuring your dashboard settings. If, at a later stage, you decide to enable redundancy, you will need to delete your Connector on-ramp in the Cloudflare dashboard, and start again.
+You must decide the type of configuration you want for your site from the beginning: no redundancy or with redundancy. You cannot add redundancy after finishing the configuration of your dashboard settings. If, at a later stage, you decide to enable redundancy, you will need to delete your Connector on-ramp in the Cloudflare dashboard, and start again.
 
 <Card title="Do you need a high availability configuration?" icon="information">
 
@@ -147,10 +149,15 @@ You cannot enable high availability for an existing Connector on-ramp. To add hi
 
 { props.magicWord === "virtual" && (
   <>
-		<AnchorHeading title="Obtain the Virtual Connector image" depth={2} />
+		<AnchorHeading title="Configure a virtual machine" depth={2} />
+		<p>Select the appropriate tab below to learn how to configure Virtual Connector on VMWare ESXi or Proxmox Virtual Environment.</p>
+
+		<Tabs> <TabItem label="VMWare ESXi">
 
 		<Markdown
 		text={`
+		**1. Obtain the VMWare image**
+
 		Contact your account team at Cloudflare to obtain the Virtual Connector OVA package and license keys. The OVA image includes the files required to install and configure the virtual machine (VM) for Virtual Connector with the appropriate settings. Refer to [VMWare VMs documentation](https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.vm_admin.doc/GUID-AE61948B-C2EE-436E-BAFB-3C7209088552.html) for more information on this topic.
 
 		This image can be deployed multiple times to create several instances of a Virtual Connector, in different locations or on the same ESXi host.
@@ -160,10 +167,11 @@ You cannot enable high availability for an existing Connector on-ramp. To add hi
 		inline={false}
 		/>
 
-		<AnchorHeading title="Deploy the Virtual Connector on VMware" depth={2} />
-
 		<Markdown
 		text={`
+
+		**2. Deploy the Virtual Connector on VMware**
+
 		The following instructions assume you already have VMware ESXi hypervisor installed with sufficient resources. Refer to [Prerequisites](#prerequisites) for more information.
 
 		1. When setting up your VMware ESXi, you need to create port groups for Virtual Connector. Go to **Networking** > **Port groups**, and prepare your vSwitch port groups and/or VLANs for your desired network topology. For example, a simple deployment typically has:
@@ -174,23 +182,7 @@ You cannot enable high availability for an existing Connector on-ramp. To add hi
 		inline={false}
 		/>
 
-		<Aside title="VLAN tagging">
-		<Markdown
-		text={`
-		Virtual Connector supports creating subinterfaces through the use of [802.1Q VLAN tagging](https://en.wikipedia.org/wiki/IEEE_802.1Q).
-
-		Use VLAN ID <code>0</code> when:
-
-		- Connected to a Port Group or Distributed Port Group that is associated with a specific VLAN.
-		- Connected to a Port Group or Distributed Port Group that is configured as a trunk that requires untagged packets.
-
-		You can also configure subinterfaces on the Virtual Connector by associating the network interface with a Port Group or Distributed Port Group trunk and specifying a VLAN ID in addition to the port associated with the network interface (VLAN ID <code>1</code>-<code>4094</code>).
-
-		Refer to [VMware's documentation](https://kb.vmware.com/s/article/1003825) for more information.
-		`}
-		inline={false}
-		/>
-		</Aside>
+		<Render file="mconn/vlan-tagging" product="networking-services" params={{	url: "[VMware's documentation](https://kb.vmware.com/s/article/1003825)" }}/>
 
 		<Markdown
 		text={`
@@ -234,7 +226,7 @@ You cannot enable high availability for an existing Connector on-ramp. To add hi
 		inline={false}
 		/>
 
-		<Aside>You cannot use the same license key twice, or reuse a key once the virtual machine has been registered with Cloudflare. You need a new key from your account team for every new Virtual Connector.</Aside>
+		<Render file="mconn/licence-keys" product="networking-services" />
 
 		<Markdown
 		text={`
@@ -243,6 +235,53 @@ You cannot enable high availability for an existing Connector on-ramp. To add hi
 		`}
 		inline={false}
 		/>
+
+		</TabItem> <TabItem label="Proxmox Virtual Environment (beta)">
+
+		<Markdown
+		text={`
+		**1. Obtain the Virtual Connector script**
+
+		Contact your account team at Cloudflare to obtain your license keys and the Virtual Connector script for Proxmox. The script will set up and configure a Proxmox virtual machine with the appropriate settings for Virtual Connector. Refer to [Prerequisites](#prerequisites) for more information on system requirements.
+
+		The script can be deployed multiple times to create several instances of a Virtual Connector, in different locations or on the same Proxmox host. You will consume one license key for each instance created. For example, if you want to deploy 10 Virtual Connectors you should request 10 license keys.
+
+		**2. Deploy the Virtual Connector on Proxmox**
+
+		The following instructions assume you already have Proxmox Virtual Environment installed with sufficient resources. Refer to [Prerequisites](#prerequisites) for more information.
+
+		1. In the terminal prompt of your Proxmox server, load the script provided by your account team. For example: \`bash YOUR_SCRIPT\`. You need elevated privileges to run the script.
+		2. You will be prompted to create a new Virtual Connector. Select **yes** to proceed.
+		3. Set up your Virtual Connector name.
+		4. Enter your license key.
+				`}
+		inline={false}
+		/>
+
+		<Render file="mconn/licence-keys" product="networking-services" />
+
+		<Markdown
+		text={`
+		5. Select the network interface card (NIC) you want to use with Virtual Connector.
+		6. Select the network bridge that corresponds to the physical network interface card (NIC) on your host machine. This bridge allows the network adapter in the virtual machine to communicate through the NIC in the host, as if it were directly connected to the physical network.
+		7. (Optional) Configure your VLAN setting if needed.
+		`}
+		inline={false}
+		/>
+
+		<Render file="mconn/vlan-tagging" product="networking-services" params={{	url: "[Proxmox documentation](https://www.proxmox.com/en/products/proxmox-virtual-environment/get-started)" }}/>
+
+		<Markdown
+		text={`
+		8. Finish your configuration.
+		9. The script will apply your settings and configure the virtual machine template for Virtual Connector.
+		10. In the **Hardware settings** for the new VM, make sure the hardware settings match the minimum requirements for running Virtual Connector. Make changes to the RAM and CPU if needed.
+		11. Continue setup in your [Cloudflare dashboard](#set-up-cloudflare-dashboard).
+		`}
+		inline={false}
+		/>
+
+		</TabItem> </Tabs>
   </>
   )
 }
@@ -498,7 +537,7 @@ When you are ready to connect your Magic WAN Connector to the Cloudflare network
 
 		<Markdown
 		text={`
-		1. Go to **Virtual Machines** in VMware, and boot up Virtual Connector's VM.
+		1. Boot up Virtual Connector's VM in your virtual machine.
 		2. The Virtual Connector will make a request to Cloudflare. This is the step where Virtual Connector registers your provided license key and downloads the [configuration you provided](#set-up-cloudflare-dashboard).
 		3. The Virtual Connector will set up the LAN and WAN connections according to the configuration downloaded from the site you created on the Cloudflare dashboard. The Virtual Connector will also establish IPsec tunnels.
 		4. If successful, the [tunnel health checks](/magic-wan/configuration/common-settings/check-tunnel-health-dashboard/) will show as healthy.

@@ -0,0 +1,7 @@
+---
+{}
+---
+
+import { Aside } from "~/components";
+
+<Aside> You cannot use the same license key twice, or reuse a key once the virtual machine has been registered with Cloudflare. You need a new key from your account team for every new Virtual Connector.</Aside>
@@ -0,0 +1,21 @@
+---
+params:
+  - url
+---
+
+import { Aside, Markdown } from "~/components";
+
+<Aside title="VLAN tagging">
+
+Virtual Connector supports creating subinterfaces through the use of [802.1Q VLAN tagging](https://en.wikipedia.org/wiki/IEEE_802.1Q).
+
+Use VLAN ID <code>0</code> when:
+
+- Connected to a Port Group or Distributed Port Group that is associated with a specific VLAN.
+- Connected to a Port Group or Distributed Port Group that is configured as a trunk that requires untagged packets.
+
+You can also configure subinterfaces on the Virtual Connector by associating the network interface with a Port Group or Distributed Port Group trunk and specifying a VLAN ID in addition to the port associated with the network interface (VLAN ID <code>1</code>-<code>4094</code>).
+
+Refer to <Markdown text={props.url} /> for more information.
+
+</Aside>