Hello everyone,
I have installed straightforward Pfsense as VM on Proxmox. Everything runs as expected. But not the Wireguard access. I have prepared a S2S Wireguard tunnel between an external pfSense and those running as VM into Proxmox. However, the connection from my remote pfSense to the VM Pfsense runs but vice versa does not.
so to give an idea about the issue
remote pfSense
LAN 10.0.10.0/24
tunnel 10.0.254.1/30
VM pfsense
LAN 10.0.140.0/24
tunnel 10.0.254.2/30
Ping remote Pfsense to a client in VM pfSens LAN:
PS C:\Users\> ping 10.0.140.2
Ping wird ausgeführt für 10.0.140.2 mit 32 Bytes Daten:
Antwort von 10.0.140.2: Bytes=32 Zeit=8ms TTL=62
Antwort von 10.0.140.2: Bytes=32 Zeit=8ms TTL=62
Antwort von 10.0.140.2: Bytes=32 Zeit=8ms TTL=62
Antwort von 10.0.140.2: Bytes=32 Zeit=8ms TTL=62
Ping-Statistik für 10.0.140.2:
Pakete: Gesendet = 4, Empfangen = 4, Verloren = 0
(0% Verlust),
Ca. Zeitangaben in Millisek.:
Minimum = 8ms, Maximum = 8ms, Mittelwert = 8ms
I also have access to the proxmox and Pfsense UI.
but from VM Pfsense into remote Pfsens LAN
the ping is not successful.
The Wireguard interface is also still offline.
Of course, the WAN and Wireguard firewall rule is all set:
For me, it looks like an upstream interface is missing, which I need to prepare on Proxmox, but I'm not sure if that is the case and how to do it because in the end, the route goeass over the Tunnel.
Can someone help me out?
so the config is as follows for complete the information:
LAN Area PfSense:
- on proxmox config:
physical interface eno3
auto vmbr2
iface vmbr2 inet manual
bridge-ports eno3
bridge-stp off
bridge-fd 0
bridge-vlan-aware yes
bridge-vids 2-4094
#LAN PfSense
on pfSense:
- VLAN's:
VLAN110: 10.0.110.0/24 via 10.0.110.1
VLAN120: 10.0.120.0/24 via 10.0.120.1
VLAN130: 10.0.130.0/24 via 10.0.130.1
VLAN140: 10.0.140.0/24 via 10.0.140.1
VLAN150: 10.0.150.0/24 via 10.0.150.1
WAN Area:
- on proxmox config:
physical interface eno2
auto vmbr1
iface vmbr1 inet manual
bridge-ports eno2
bridge-stp off
bridge-fd 0
#WAN Pfsense
- WAN interface DHCP (just at the moment later will have a public IP)
Proxmox Interface
- physical interface eno1
- auto vmbr0
iface vmbr0 inet static
bridge-ports eno1
bridge-stp off
bridge-fd 0
bridge-vlan-aware yes
bridge-vids 2-4094
#proxmox
auto vmbr0.140
iface vmbr0.140 inet static
address 10.0.140.2/24
gateway 10.0.140.1
#proxox LAN
so long story short here the picture for a better idea how it is configured:
pfsense:
proxmox
I have installed straightforward Pfsense as VM on Proxmox. Everything runs as expected. But not the Wireguard access. I have prepared a S2S Wireguard tunnel between an external pfSense and those running as VM into Proxmox. However, the connection from my remote pfSense to the VM Pfsense runs but vice versa does not.
so to give an idea about the issue
remote pfSense
LAN 10.0.10.0/24
tunnel 10.0.254.1/30
VM pfsense
LAN 10.0.140.0/24
tunnel 10.0.254.2/30
Ping remote Pfsense to a client in VM pfSens LAN:
PS C:\Users\> ping 10.0.140.2
Ping wird ausgeführt für 10.0.140.2 mit 32 Bytes Daten:
Antwort von 10.0.140.2: Bytes=32 Zeit=8ms TTL=62
Antwort von 10.0.140.2: Bytes=32 Zeit=8ms TTL=62
Antwort von 10.0.140.2: Bytes=32 Zeit=8ms TTL=62
Antwort von 10.0.140.2: Bytes=32 Zeit=8ms TTL=62
Ping-Statistik für 10.0.140.2:
Pakete: Gesendet = 4, Empfangen = 4, Verloren = 0
(0% Verlust),
Ca. Zeitangaben in Millisek.:
Minimum = 8ms, Maximum = 8ms, Mittelwert = 8ms
I also have access to the proxmox and Pfsense UI.
but from VM Pfsense into remote Pfsens LAN
the ping is not successful.
The Wireguard interface is also still offline.
Of course, the WAN and Wireguard firewall rule is all set:
For me, it looks like an upstream interface is missing, which I need to prepare on Proxmox, but I'm not sure if that is the case and how to do it because in the end, the route goeass over the Tunnel.
Can someone help me out?
so the config is as follows for complete the information:
LAN Area PfSense:
- on proxmox config:
physical interface eno3
auto vmbr2
iface vmbr2 inet manual
bridge-ports eno3
bridge-stp off
bridge-fd 0
bridge-vlan-aware yes
bridge-vids 2-4094
#LAN PfSense
on pfSense:
- VLAN's:
VLAN110: 10.0.110.0/24 via 10.0.110.1
VLAN120: 10.0.120.0/24 via 10.0.120.1
VLAN130: 10.0.130.0/24 via 10.0.130.1
VLAN140: 10.0.140.0/24 via 10.0.140.1
VLAN150: 10.0.150.0/24 via 10.0.150.1
WAN Area:
- on proxmox config:
physical interface eno2
auto vmbr1
iface vmbr1 inet manual
bridge-ports eno2
bridge-stp off
bridge-fd 0
#WAN Pfsense
- WAN interface DHCP (just at the moment later will have a public IP)
Proxmox Interface
- physical interface eno1
- auto vmbr0
iface vmbr0 inet static
bridge-ports eno1
bridge-stp off
bridge-fd 0
bridge-vlan-aware yes
bridge-vids 2-4094
#proxmox
auto vmbr0.140
iface vmbr0.140 inet static
address 10.0.140.2/24
gateway 10.0.140.1
#proxox LAN
so long story short here the picture for a better idea how it is configured:
pfsense:
proxmox
Attachments
Last edited: