Opnsense, access to proxmox ve from LAN

W

wuffz

New Member
Mar 5, 2020
4
0
1
33
I have a proxmox setup with 4 nics.

1 is currently the management interface. ( connected to enp2s0f0 )
2 are bonded to a vmbr = LAN, ( connected to ens1 and ens2 )
1 vmbr = WAN, ( connected to enp2s0f1, which is connected into my homenetwork for now, later on will become dmz. ( 129.168.178.x )

The above settings are working. i connected my laptop to the ens1, after some fiddeling with dns i can connect to the outside world on the lan side through the opnsense vm.
the next question for my homelab will be, how can i connect the vmbr0 to the LAN side of things, i want to be able to use an ip in the range of de opnsense range ( 192.168.1.x ) to access the proxmox virtual environment ( web ui ) this will be just on the lan side.

i tried to set vmbr0 to a static 192.168.1.2, and add bond0 to the 'ports/slaves' that didn't work.

vlans are not in use for now.

many thanks in advance!
 

Attachments

  • hodor.png
    hodor.png
    91.5 KB · Views: 124
wuffz said:
I have a proxmox setup with 4 nics.

1 is currently the management interface. ( connected to enp2s0f0 )
2 are bonded to a vmbr = LAN, ( connected to ens1 and ens2 )
1 vmbr = WAN, ( connected to enp2s0f1, which is connected into my homenetwork for now, later on will become dmz. ( 129.168.178.x )

The above settings are working. i connected my laptop to the ens1, after some fiddeling with dns i can connect to the outside world on the lan side through the opnsense vm.
the next question for my homelab will be, how can i connect the vmbr0 to the LAN side of things, i want to be able to use an ip in the range of de opnsense range ( 192.168.1.x ) to access the proxmox virtual environment ( web ui ) this will be just on the lan side.

i tried to set vmbr0 to a static 192.168.1.2, and add bond0 to the 'ports/slaves' that didn't work.
Click to expand...
"connect the vmbr0 to the LAN side of things" means connect to some external (hardware) servers as storage etc. - correct?

Difficult to say without knowing the complete network architecture (i.e. how is you opensense vm connected as well as other details maybe too). I guess you have to define the necessary routing in opensense as well as using opensense as (default) router for the servers.
 
Sorry for the inconvenience
No it wasn't external. i tried to add the vmbr0 to the 'ports/slaves' ( or bridge-ports in the interfaces if you will )
Below is my current/working configuration.

vmbr1 is connected to the WAN in opnsense
vmbr2 is connected to the LAN in opnsense
vmbr0 is connected as OPT1, but disconnected and not in use.

when i hook up my laptop to the LAN port ( fysical ) i get an ip from the opnsense dhcp server.
when i hook up the wan port ( fysical ) i get a internet connection on that laptop.
in the above statement wifi is turned of, so there's no mixup here.

what i want to achieve is that the proxmox VE interface is available within the LAN network, so i can access it from my laptop without being on the management interface (vmbr0)

i'm guessing i could setup opt1(vmbr0) to be accessible via opnsense. but i wonder if there's a way to get the static ip on vmbr0 to be accessible straight from the LAN ( as dhcp is broadcasted on 192.168.1.100 to 192.168.1.254, opnsense is on 192.168.1.1, i want the proxmox ve on 192.168.1.2 )


hope this clearifies, if any questions please tell me

Bash: 
auto lo
iface lo inet loopback

auto enp2s0f0
iface enp2s0f0 inet manual
#management port, left bottom

auto enp2s0f1
iface enp2s0f1 inet manual
#wan port, right bottom

auto ens1
iface ens1 inet manual

auto ens2
iface ens2 inet manual

auto bond0
iface bond0 inet manual
        bond-slaves ens1 ens2
        bond-miimon 100
        bond-mode balance-alb
#BUNDEL LAN

auto vmbr0
iface vmbr0 inet static
        address  192.168.178.2
        netmask  24
        gateway  192.168.178.1
        bridge-ports enp2s0f0
        bridge-stp off
        bridge-fd 0
#MANAGEMENT

auto vmbr1
iface vmbr1 inet manual
        bridge-ports enp2s0f1
        bridge-stp off
        bridge-fd 0
#WAN

auto vmbr2
iface vmbr2 inet manual
        bridge-ports bond0
        bridge-stp off
        bridge-fd 0
#LAN 192.168.1.2/24
 
wuffz said:
what i want to achieve is that the proxmox VE interface is available within the LAN network, so i can access it from my laptop without being on the management interface (vmbr0)
Click to expand...

Hello wuffz! I'm trying to solve the exact same problem. Have you found a solution?

Thanks
 
Actually i did not. I got a bigger switch later on, and just gave de management port a fysical connection. Pro: i can manage it when the firewall goes down by plugging in a laptop straight to proxmox management. :)
 
It does have access.. Its connected to the same switch as the lan interfaces for opnsense. I have given the proxmox main interface a static ip with the opnsense as gateway
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back