I have an under-used proxmox server running on an HP Elite Desk with an i5-7500 as well as a four port network card along with the built in nic. I want to create a kill-switched network for watching sports that are region restricted. I have two different vpn providers (FastestVPN and Proton)
Any thoughts?
I was thinking that pfsense/opnsense might be overkill as the TV would either be directly hardwired connected to the Proxmox server or I could create an access point using some spare equipment.
Either you use Wireguard directly on the host and bridge the physical interface with the Wireguard interface created using the config file you get from your provider.
This not always the best route for various reasons. Better to leave the host system untouched.
I myself wanted to route specific VMs and CTs through a commercial VPN. I use OpenWrt on my x86 router mini PC. I created a VPN tunnel to my vpn provider as a Wireguard interface using their provided config file, with masqueradeing (NAT). Then I created a VLAN interface and chose a different routing table and set up routing for the vlan traffic to be routed through the Wireguard interface. Then I just set a container or VM to use that Vlan ID and it gets routed through the VPN.
You can spin up a lightweight OpenWrt container or VM.
You can do the same but you assign the physical interface on the proxmox host along with vmbr0 to the openwrt container. I would create a bridge in OpenWrt between the physical interface you assign from the host and a created VLAN so that you also can assign CTs or VMs to the VPN if you need to just using a VLAN ID. Then you manage all the settings in the OpenWrt gui where you set up the tunnel and the additional interface.