[SOLVED] OPNsense and VLANs

Asparagus7885

New Member
Jan 11, 2023
3
2
3
Hello,

i am using OPNsense and Proxmox for a while now, both on seperate machines, and now i want to recreate my setup with OPNsense as a VM, but i am having trouble to do so.

My current setup is:
- LTE-Modem is providing WAN to OPNsense
- OPNsense is configured to use multiple VLANs and connects to a OpenWRT Router/WiFi Access Point/Switch
- the switch connects to Proxmox and passes the VLANs
- on Proxmox i have configured VLAN and a Bridge for the Proxmox host itself

This is working just fine for me, and i want to recreate this setup.

My new Proxmox host got 2 additional NICs (3 in total), and i am passing through 2 of them to the OPNsense VM.
Testing this without VLANs is working just fine, the host is accessible, the OPNsense and even the LTE Modem.
But as soon as i am trying to configure the VLANs, it stops working.
Probably i am doing it wrong somewhere, but i thought it would be the exact same setup as my old one, since i am passing through the NICs.

Could someone maybe point me in the right direction, what to look out for, how to configure the VLANs correctly?
As i was using the search, and google, i couldn't come up with a solution or a HowTo

Thanks
 
Should not need anything special on the proxmox side, once iommu passthrough is working properly.

When setting up Vlans on a new OPNsense you are required to enable the parent interface (new requirement since the 22 and above series opnsense) even if it is not used otherwise.
 
Hm, so when it's basically the same setup if i'm not mistaken, i probably made a mistake somewhere along the way.
I'll probably just start all over and try again


When setting up Vlans on a new OPNsense you are required to enable the parent interface (new requirement since the 22 and above series opnsense) even if it is not used otherwise.
when i upgraded from 21.x to 22 everything continued to work, so i guess i configured it right on the OPNsense side. Or is there something new to consider in the settings, except for enabling all interfaces?
 
Hi I'm moving exactly the opposite direction.

I currently have a Proxmox server-pc (1 NIC) running amongst others an OPNSense VM.
In the OPNSense VM I defined a LAN with several VLANs.
In Proxmox I created a VLAN aware virtual NIC vmbr1 (the LAN) and every VLAN is attached to its own connection which is vmbr1 and a tag) I am able to make other LXCs and VM part of those VLANs. The firewall rules in the OPNSense VM allow the LXCs and VM to access the internet for updates etc.

The new setup is a dedicated 1 NIC laptop running OPNSense connected to a managed switch which is connected to the providers router.
The switch is also connected (via wired DecoM5's) to my other pc's and laptops.
One of these pcs is my Proxmox Server.
My question is: how to configure Proxmox so that the VLANs defined on the OPNSense laptop are known in Proxmox, so that I can add the LXCs and VMs part of the their respective VLAN.
The firewall rules in the new OPNSense laptop are comparable to the ones in the old OPNSense VM.
Should something be added in order to allow the LXCs and VM to access the internet for updates etc?
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!