OPNSENSE network troubles - desperate noob

[jabba]

Hi everybody!
I am new to Proxmox, OPNsense and Homelabbing.
I have follow a lot of tutorials from "Jim's Garage" and "homenetworkguy", but I can't resolve my problem. I am trying to build my fully virtualise homelab.

So, this is my configuration:
- One Desktop PC (ryzen 9-3900x and 32GB ram)
- 1 Rage extender (linked to vmbr0 card) (important: this is necessary because I can't connect directly my homelab to my ISP Modem)
- 2 NICs phyisical 2.5gb/s (I've added a PCIe NIC cardto my desktop) and 2 Linux Bridges (1-to-1):

I've finished all the initial setup on proxmox and OPNSense.
vmbr0 is both my LAN connection for OPNSense and Proxmox MGMT connection.
vmbr1 will be connected to a smart switch later.

This is OPNSense HW configuration:

and these are the IPaddresses:

Physical cable is connected from Rage extender to MGMT port (vtnet1 or vmbr0).
I can access OPNsense web page without any issue, BUT I can't see any information about firmware and "check for updates" takes ages:

I've tried to change different DNS, 8.8.8.8, 1.1.1.1, 9.9.9.9:


This is the ping test for google dns:


what am I doing wrong?

 

[nautilus7]

Check intefaces > overview to confirm whether your wan interface got a proper address. Perhaps you need to allow private/bogon addresses in wan interface options.

 

[SteveITS]

@jabba LAN and WAN need to be in different subnets or it can't route.

 

[nautilus7]

Hm, of course, didn't see that. You need to set the lan ip address to something different, e.g. 192.168.2.1/24

 

[meyergru]

Try starting here: https://forum.opnsense.org/index.php?topic=44159.0, especially the section on network "hardware".

 

[jabba]

@jabba LAN and WAN need to be in different subnets or it can't route.

This is the setup right now:

(don't worry about UNTRUSTED because I am not using it)

LAN has static IP address and DHCP enabled (so it connects my 8-port managed switch)
WAN has dynamic IP, got from Rage extender.

I've linked a second laptop to my managed switch, but connection is not working.
I've linked the same laptop directly to the Rage Extender and it connects correctly.

For the firewall rules, I've followed this guide: https://homenetworkguy.com/how-to/beginners-guide-to-set-up-home-network-using-opnsense/
Firewall rules are pretty straightforward, anything fancy.

This is the log I get on OPNsense web GUI:
where vtnet0 = WAN on OpnSense (which is the interface linked to the rage extender, so the one receiving internet connection from ISP)

This is Proxmox and Opnsense configurations updated:


Connection still not working on Switch. It seems like OPNSense is not routing connection from WAN to LAN.
Any ideas?

Thank you guys for your support.

 

[jabba]

oh, and this is the Interface Overview:

 

[coolhuman]

Connection still not working on Switch. It seems like OPNSense is not routing connection from WAN to LAN.
Any ideas?

The only issue i'm seeing here is that, Firewall is enabled at the interface level at Proxmox for the OpnSense VM Hardware specifications.

There's no need to enabled Firewall in this part of the configuration (On both net0/net1), It will only cause issues as the VM is a Firewall itself.
One of the reasons why WAN -> LAN traffic isn't working is probably because of that.
I'm not an expert at Proxmox, but I've also used OpnSense some time ago as a Proxmox VM. So if i'm wrong, then sorry...