Moving Proxmox HTML UI IP to my OPNSense LAN

[transcendtient]

I’m running Proxmox VE 8.4 with OPNsense. Below is my OPNSense interfaces for reference.

My setup looks like this:

• AT&T BGW320 gateway -> eno1 -> vmbr0 (WAN bridge)
• OPNsense LAN (192.168.10.0/24) -> eno2 -> vmbr1 (LAN trunk bridge)
• Cisco 3650 switch -> eno4 -> vmbr2 (from switch)

I want Proxmox itself to be reachable from the LAN (192.168.10.0/24).
The OPNsense VM handles WAN/LAN routing, clients on the LAN can reach the internet through it, but my Proxmox host cannot be reached from the LAN side, can't get to the internet, and can’t reach LAN devices on 192.168.10.0/24.

Here’s what my /etc/network/interfaces looks like right now:

auto lo
iface lo inet loopback

auto eno1
iface eno1 inet manual

auto eno2
iface eno2 inet manual

auto eno3
iface eno3 inet manual

auto eno4
iface eno4 inet manual

auto vmbr0
iface vmbr0 inet manual
    bridge-ports eno1
    bridge-stp off
    bridge-fd 0

#WAN
auto vmbr1
iface vmbr1 inet static
    address 192.168.1.3/24
    gateway 192.168.1.254
    bridge-ports eno2
    bridge-stp off
    bridge-fd 0
    bridge-vlan-aware yes
    bridge-vids 2-4094

#LAN trunk bridge
#auto vmbr2
#iface vmbr2 inet manual
#    bridge-ports eno4
#    bridge-stp off
#    bridge-fd 0
#    bridge-vlan-aware yes
#    bridge-vids 2-4094
#from switch

source /etc/network/interfaces.d/*

The issue:

1. What’s the correct way to make Proxmox reachable on the LAN subnet (192.168.10.0/24)?
2. Should I set Proxmox up on vmbr2? It seems like it being on the LAN bridge should just work...
3. When I set an address in the 192.168.10.0/24 subnet OPNSense gets dropped.
4. How do I avoid breaking the existing WAN/LAN connectivity OPNsense already manages?

I'm not great with networking. I've just been throwing things at the wall at this point, and getting alot of exercise walking up and downstairs.