Hello everyone. I'm struggling to set up a working network for my cloud services.
The setup is as follows:
Dedicated Server (1 Public IP) -> Proxmox ->(NAT) OPNsense -> Other VMs connected to lan
In Proxmox I have the following configuration in /etc/network/interfaces:

source /etc/network/interfaces.d/*

auto lo
iface lo inet loopback

auto enp0s31f6
iface enp0s31f6 inet static
    address 94.130.x.x/26
    gateway 94.130..x.x

auto vmbr0
iface vmbr0 inet static
    address 10.10.10.1/24
    bridge-ports none
    bridge-stp off
    bridge-fd 0
    post-up echo 1 > /proc/sys/net/ipv4/ip_forward
    post-up iptables -t nat -A POSTROUTING -s '10.10.10.0/24' -o enp0s31f6 -j MASQUERADE
    post-down iptables -t nat -D POSTROUTING -s '10.10.10.0/24' -o enp0s31f6 -j MASQUERADE
    post-up iptables -t raw -I PREROUTING -i fwbr+ -j CT --zone 1
    post-down iptables -t raw -D PREROUTING -i fwbr+ -j CT --zone 1

auto vmbr1
iface vmbr1 inet static
    address 172.16.0.1/24
    bridge-ports none
    bridge-stp off
    bridge-fd 0

OK, so I created a new VM (OPNsense), installed it and configured it as follows:
WAN -> vtnet0 (bridged to vmbr0 on the Proxmox server)
LAN -> vtnet1 (bridged to vmbr1 on the Proxmox server)
WAN configured with 10.10.10.2/24
LAN configured with 172.16.0.1/24 DHCP (yes) Range: 172.16.0.2-172.16.0.254
After that I created another VM (Ubuntu) and connected it to vmbr1 (LAN of OPNsense connected to Proxmox vtnet1).
The client gets its IP successfully via OPNsense DHCP as follows -> IP 172.16.0.2, Gateway 172.16.0.1, DNS 172.16.0.1
But this client cannot access the internet or even the OPNsense GUI from there.
From the OPNsense shell I can ping the client IP 172.16.0.2, and I can also ping google.com or 8.8.8.8.
From the client I can ping 172.16.0.1 but not google.com or 8.8.8.8.
I also can't open the OPNsense GUI from the client via 172.16.0.1.
The output of cat /etc/resolv.conf from the OPNsense shell is as follows:
domain localdomain
nameserver 172.16.0.1
nameserver 10.10.10.1
search localdomain
What am I doing wrong? I've spent more than 1 day trying to figure it out but nothing helped.
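
Added example, not part of the original post: a small Python check that parses the bridge stanzas from the posted /etc/network/interfaces and compares them with the guest addresses listed in the post, reporting any IP configured both on the Proxmox host and on a guest attached to the same bridge. The redacted public interface is left out, the client's /24 prefix is assumed from the DHCP range, and the function names are hypothetical.

```python
import ipaddress

# Host bridge stanzas as posted (redacted public interface omitted).
HOST_INTERFACES = """\
auto vmbr0
iface vmbr0 inet static
    address 10.10.10.1/24
    bridge-ports none

auto vmbr1
iface vmbr1 inet static
    address 172.16.0.1/24
    bridge-ports none
"""

# Guest addresses as described in the post: (owner, Proxmox bridge, address).
# The client's /24 prefix is an assumption based on the DHCP range.
GUESTS = [
    ("OPNsense WAN vtnet0", "vmbr0", "10.10.10.2/24"),
    ("OPNsense LAN vtnet1", "vmbr1", "172.16.0.1/24"),
    ("Ubuntu client", "vmbr1", "172.16.0.2/24"),
]

def parse_host_addresses(text):
    """Return {iface: IPv4Interface} for every 'iface' stanza with an address."""
    result, current = {}, None
    for line in text.splitlines():
        words = line.split()
        if not words or words[0].startswith("#"):
            continue
        if words[0] == "iface":
            current = words[1]
        elif words[0] == "address" and current:
            result[current] = ipaddress.ip_interface(words[1])
    return result

def find_duplicates(host_text, guests):
    """List addresses claimed by more than one owner on the same bridge."""
    claims = {}
    for iface, addr in parse_host_addresses(host_text).items():
        claims.setdefault((iface, addr.ip), []).append(f"Proxmox host {iface}")
    for owner, bridge, cidr in guests:
        claims.setdefault((bridge, ipaddress.ip_interface(cidr).ip), []).append(owner)
    return [(bridge, str(ip), owners)
            for (bridge, ip), owners in claims.items() if len(owners) > 1]

if __name__ == "__main__":
    for bridge, ip, owners in find_duplicates(HOST_INTERFACES, GUESTS):
        print(f"{ip} on {bridge} is claimed by: {', '.join(owners)}")
```

With the posted values it reports 172.16.0.1 on vmbr1, claimed by both the Proxmox host bridge and the OPNsense LAN interface.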