OPNsense Forum

English Forums => General Discussion => Topic started by: frozen on October 19, 2023, 04:32:30 pm

Title: I don't know where to begin. Proxmox is on a different subnet than the OpnSense
Post by: frozen on October 19, 2023, 04:32:30 pm
Hello all, novice user here

My setup is as follows

Bell GigaHub ISP Modem/Router Combo w/3Gbps Fiber @ 192.168.0.1
Proxmox Hypervisor installation @ 192.168.0.100
OpnSense installed under Proxmox @ 192.168.1.1

These were all the default values.

I want to disable the Gigahub's router/wifi features and have it go through OpnSense instead, but right off the bat, I see a huge problem with Proxmox being on 192.168.0 and OpnSense at 192.168.1

And how is the 192.168.1.1 OpnSense installation supposed to communicate with the Modem itself which is on an entirely different subnet?

And furthermore, how will I access my Hypervisor which is at 192.168.0.100 if the OpnSense is choosing 192.168.1.1 ?

I'm incredibly confused here and don't know where to begin.  What do I do?
Title: Re: I don't know where to begin. Proxmox is on a different subnet than the OpnSense
Post by: frozen on October 19, 2023, 04:35:51 pm
Ok yeah nothing works, OpnSense has absolutely zero connectivity, it can't be reached anywhere and can't reach anything because it's on a different subnet?

Networking is so confusing, I'm dying over here
Title: Re: I don't know where to begin. Proxmox is on a different subnet than the OpnSense
Post by: meyergru on October 19, 2023, 06:08:57 pm
Wow. I do not even know where to begin...

First off, if OpnSense is to be used as a firewall / router (which seems self-evident), it needs two interfaces (WAN and LAN). Its LAN interface should be on the same bridge as proxmox and your other clients itself, since you probably want them behind your firewall.

192.168.1.1 is the default IP of the OpnSense LAN interface. 192.168.0.1/24 is probably the WAN interface.

Currently, you probably cannot reach OpnSense either:

a. You try it from the WAN side (which is protected).
b. You have not reconfigured the default OpnSense WAN IP.

Then again, try to visualize what you want to achieve first. From what you wrote, I guess you will opt for an intermediate network (192.168.0.1/24) between OpnSense WAN and your ISP router - this must be separate from your future LAN. Your proxmox server needs at least two (physical or logical) interfaces to support OpnSense in such a configuration.
Title: Re: I don't know where to begin. Proxmox is on a different subnet than the OpnSense
Post by: frozen on October 19, 2023, 08:38:09 pm
Quote from: meyergru on October 19, 2023, 06:08:57 pm

Wow. I do not even know where to begin...

First off, if OpnSense is to be used as a firewall / router (which seems self-evident), it needs two interfaces (WAN and LAN). Its LAN interface should be on the same bridge as proxmox and your other clients itself, since you probably want them behind your firewall.

192.168.1.1 is the default IP of the OpnSense LAN interface. 192.168.0.1/24 is probably the WAN interface.

Currently, you probably cannot reach OpnSense either:

a. You try it from the WAN side (which is protected).
b. You have not reconfigured the default OpnSense WAN IP.

Then again, try to visualize what you want to achieve first. From what you wrote, I guess you will opt for an intermediate network (192.168.0.1/24) between OpnSense WAN and your ISP router - this must be separate from your future LAN. Your proxmox server needs at least two (physical or logical) interfaces to support OpnSense in such a configuration.


Thanks so much for the response, let me try and explain a bit more

Factory default state of Bell router/modem/all-in-one is 192.168.0.1 with obviously DNS and DHCP and WiFi all in one - I was going to disable this, and I have PPPoE username & password credentials to bypass the modem once the All-In-One functions are disabled is my understanding.

I have a basic server, with only Proxmox installed, and yes, it has dual 2.5GbE network ports.  It installed to its default installation address of 192.168.0.100.  It works great and functions all as required.

On the Proxmox server,

enp0s0 is port 1, it's connected directly to the ISP router's 10Gbps out port.  The only one on the modem >1Gbps.

enp1s0 is port 2, and it has absolutely nothing connected to it right now.  This is going to eventually provide connectivity to my devices.

What I "thought" was going to happen, is after disabling the DNS/DHCP/WIFI on the ISP router and running OpnSense on 192.168.1.1, that all future devices connected to the network would be managed via OpnSense on 192.168.1.1 and receive an address via DHCP in that range - very simple stuff!

But instead what has happened, is 192.168.0.1 and 192.168.0.100, so both the main internet router and the Proxmox server are fully unreachable as it seems OpnSense now is the lone device on 192.168.1.1 network

And now, I don't know what to do next :(  I know the PPPoE credentials have to be entered somewhere but haven't even gotten to that stage yet because it won't be able to reach the modem I assume which is 192.168.0.1

Your last summary sounds right of what I am hoping for I do believe!

Thanks kindly for taking the time to reply

Title: Re: I don't know where to begin. Proxmox is on a different subnet than the OpnSense
Post by: frozen on October 19, 2023, 09:00:53 pm
Hi, I just made this :embarassed:

Title: Re: I don't know where to begin. Proxmox is on a different subnet than the OpnSense
Post by: meyergru on October 19, 2023, 10:14:45 pm
You should give proxmox an IP of 192.168.1.100/24, however that implies that your LAN is already up and running (i.e. gets IPs via DHCP) and has internet access through OpnSense. If your client PCs are already configured like so, they would not be able to access proxmox.

In order to do that, the bridge that proxmox itself connects to must be the LAN interface, I assume now it's WAN. It always makes things clearer when you label the interfaces.

You have chosen a very complicated task in that during the transition to the destination setup, you will lose connectivity to either proxmox or OpnSense or the internet, because you have to switch interfaces and networks around while your OpnSense is not yet ready to serve as a router.

The final stage is like what you depicted, but it is almost impossible to give instructions without actually being present and being able to reconfigure interfaces and so on.
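
The destination layout described in this thread, written out as a Proxmox /etc/network/interfaces file. This is an added example, not part of any poster's message. Assumptions: the bridge names vmbr0 and vmbr1, that enp0s0 is the WAN-facing port and enp1s0 the LAN-facing port as in frozen's post, and that the OPNsense VM has one virtual NIC on each bridge.

```conf
# /etc/network/interfaces on the Proxmox host (added example; bridge names are assumed)

auto lo
iface lo inet loopback

# Physical ports carry no addresses themselves; they are only bridge members.
iface enp0s0 inet manual
iface enp1s0 inet manual

# WAN bridge: enp0s0 is cabled to the ISP modem/router.
# The host has NO address here, so the Proxmox management UI is not
# reachable from the ISP-facing segment. Only the OPNsense WAN NIC
# (attached to this bridge) talks on it, e.g. for PPPoE.
auto vmbr0
iface vmbr0 inet manual
    bridge-ports enp0s0
    bridge-stp off
    bridge-fd 0

# LAN bridge: enp1s0 goes to the switch / client devices.
# The OPNsense LAN NIC (192.168.1.1, its default) is attached here,
# and the Proxmox host takes 192.168.1.100/24 behind the firewall.
auto vmbr1
iface vmbr1 inet static
    address 192.168.1.100/24
    gateway 192.168.1.1
    bridge-ports enp1s0
    bridge-stp off
    bridge-fd 0
```

Once this is applied, the host is reachable only from the LAN side, so the change has to be made from the local console or from a client already plugged into the enp1s0 side.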
Title: Re: I don't know where to begin. Proxmox is on a different subnet than the OpnSense
Post by: CJ on October 20, 2023, 04:54:15 pm
I would recommend that you do a physical OPNSense setup to begin with as you're not familiar with how things work.  I know it's one more box but it would greatly simplify things and you can pick up a machine for relatively cheap.