OPNsense Forum

I am new to OPNsense and proxmox.
I have read all the documentation but cannot seem to find a solution to my problem:

I have Lenovo Thinkcentre with for NIC card running proxmox virtualised.
This is what my proxmox set-up is.



auto lo
iface lo inet loopback

auto eno1
iface eno1 inet manual

auto enp1s0f0
iface enp1s0f0 inet manual

auto enp1s0f1
iface enp1s0f1 inet manual

auto enp1s0f2
iface enp1s0f2 inet manual

auto enp1s0f3
iface enp1s0f3 inet manual

iface wlp3s0 inet manual

auto vmbr0
iface vmbr0 inet static
        address 192.168.0.**/24
        gateway 192.168.0.1
        bridge-ports eno1
        bridge-stp off
        bridge-fd 0

auto vmbr1
iface vmbr1 inet manual
        bridge-ports enp1s0f0
        bridge-stp off
        bridge-fd 0
#LAN

auto vmbr2
iface vmbr2 inet manual
        bridge-ports enp1s0f1
        bridge-stp off
        bridge-fd 0
#LAN



Vmbr2 is my OPT1 network in OPNsense which has a network of 192.168.99.1/24 to be used as management network.

https://ibb.co/NT3WZXC

i have dhcp enabled for this interface. when i plug a device to this interface on the thinkcentre NIC, i am not getting a dhcp ip address. so no device plugged is getting an ip address.
https://ibb.co/vYSpH0X

i have attached screeenshot of my setup. please help. not sure where i have done things badly

Any idea please?

Did you pass the right nic to the right port ? When you plug something in, can you see link on the proxmox interfaces ? and in Opnsense ?

Thank you for your reply.

I have now resolved the issue with the OPT1 interface not getting DHCP. I received a suggestion on the proxmox forum to simplify my network by using para-virtio for the network interface assignment on the Proxmox VM and also uncheck- remove the firewall checked by default.

This has now resolved my issue for the OPT1 interface and I am able to get DHCP IP address from the firewall on that interface.


The Outstanding issue still remain for DHCP address on my LAN interface. I have 100% tested and confirmed all the 4 NIC cards are working and able to assign IP address when switched with the OPT1 interface. I just do not get an IP address now when I set-up any of the remaining 3 NIC to the LAN interface, regardless of which interface i choose for it. This suggest to me the DHCP is not working for the LAN interface.


Here is how my set-up has changed


auto lo
iface lo inet loopback

auto eno1
iface eno1 inet manual

auto enp1s0f0
iface enp1s0f0 inet manual

auto enp1s0f1
iface enp1s0f1 inet manual

auto enp1s0f2
iface enp1s0f2 inet manual

auto enp1s0f3
iface enp1s0f3 inet manual

iface wlp3s0 inet manual

auto vmbr0
iface vmbr0 inet static
        address 192.168.0.11/24
        gateway 192.168.0.1
        bridge-ports eno1
        bridge-stp off
        bridge-fd 0

auto vmbr1
iface vmbr1 inet manual
        bridge-ports enp1s0f1
        bridge-stp off
        bridge-fd 0
#LAN

auto vmbr2
iface vmbr2 inet manual
        bridge-ports enp1s0f0
        bridge-stp off
        bridge-fd 0
#OPT1 LAN




OUTSTANDING ISSUE.
The Main LAN network (LAN) still does not work even after validating all NIC cards are working. I even changed the IP address on the LAN interface for OPNsense to 172.16.1.1/24 network and it still does not give out DHCP for this interface. Same outcome when I used IP address in the same range of my WAN interface.



What I have found interesting since getting the OPT1 interface to give out DHCP, i am now able to connect and manage OPNsense webgui from the 192.168.99.** subnet even though management should be the LAN interface since OPNSense install points to the LAN IP url for web-login? I mean i am happy to be able to login to OPNsense from more than 1 interface, I am just lost what the root cause is for LAN interface not giving IP address or even working when I manually assign a static IP address to the machine connected to that interface.


see interface dhcp enabled

https://forum.proxmox.com/attachments/1673718438300-png.45609/ (https://forum.proxmox.com/attachments/1673718438300-png.45609/)


Kind regards

Quote from: klassbond on January 14, 2023, 09:03:15 PM


see interface dhcp enabled

https://forum.proxmox.com/attachments/1673718438300-png.45609/ (https://forum.proxmox.com/attachments/1673718438300-png.45609/)


Kind regards

did you create a dhcp scope ? Every interface you add / use needs a DHCP scope.

GO to Services, dhcp look at the network that you are having issue with.

Check all the settings,  subnet. gateway netmask.

Also confirm that on your interface that its actually ipaddress/24,  it defaults to /32 for some reason.

Thanks for your reply.

I am not sure i understand what DHCP scope is, I can however confirm that DHCP was enabled for each interface under services->DHCP and a DHCP range of address also allocated for each interface and all using CIDR /24  subnet

No further investigation required anymore as I have now resolved the issue. I suspect this could be related to using E1000 for the network interface. I switched to Virtio (Paravirtualised) and also swapped my WAN and LAN interface assignment again on proxmox. I am now getting DHCP for both OPT1 and LAN interface for connected devices.

Kind regards

A common issue in virtualised OPNsense is that for DHCP to work the virtual interface must be set to promiscuous mode inside the virtual machine. Depending on the hypervisor in use that feature must be enabled/permitted explicitly.

Unless you use PCIe passthrough, of course.