I have TrueNAS SCALE Goldeye, and OPNsense has been running in a VM from the start, so since TrueNAS SCALE 22.12 or so. I upgraded all the time, even got VLANs up and running since last year, and it is still working fine.
I think however that the setup can be improved or restyled since I learned a bit along the way. However now I am stuck on how to do it properly.
I didn't pass through the NICs via PCI passthrough; instead I created bridges on the NICs and used them instead.
So right now I have these issues I need to fix or think I need to improve.
I read it is better to pass through the nics directly to opnsense.
So I have:
enp5s0 (ISP) > br1 > VM NIC (Opnsense)
enp1s0 (network) > br0 > Static NAS IP 192.168.7.2 > br0 > Opnsense VM
enp1s0 (Physically) > VLAN switch
In OPNsense I have these VLANs, which I would like to renumber to more commonly used numbers.
I now have
192.168.7.1/24 nLAN in opnsense
192.168.10.1/24 VLAN10 truenas scale containers
192.168.72.1/24 VLAN72 LAN
192.168.73.1/24 VLAN73 GUEST
192.168.74.1/24 VLAN74 IoT
192.168.75.1/24 KVM (kvm module connected so if network is not good I can connect to the truenas scale menu or management network)
So the setup is a bit of a mess right now.
The 72, 73, 74 and 75 networks are broadcasting ok on the TP-LINK 1x EAP615 and 2x 725 wall modules that I have.
Also, the containers on TrueNAS are in a MACVLAN network which is also 192.168.10.X/24. Somehow I managed to bridge this so that TrueNAS has access to the containers, and my PC and everything can connect to each other. I don't know how I did this in the past; I think it was making a dummy IP or something like that.
What I would like is to have a network (management) for example the 192.168.10.1/24 that has the TNAS scale, the router addresses in it and the EAP and just for management
I would like to move the containers to 192.168.20.x/24 together with the VMs and have DHCP to the containers and VMs
30 as IoT DHCP or statics
40 perhaps for the kvm module
and 50 as guest
Attached are some settings. TrueNAS/OPNsense VMs
Is it better to pass the nics through?
If it doesn't matter much, how can I get the IPs to change without much trouble?
I tried setting up a new VLAN on enp1s0, vlan20 (containers and VMs), to convert all the containers to it, but here's a catch: OPNsense is a VM and running on 192.68.7.1
I wanted to add HAOS as a VM (it now runs in Docker), but I could not get Bluetooth to pass through on the core version.
Most apps I run are custom made because of the MACVLAN.
How should I approach this without having much downtime?
I also have AdGuard in a container
a working Nginx Proxy Manager
a WireGuard VPN connection towards home
I do not like to install everything over. There should be a way to set it up properly and all help and tips are welcome.
I am even considering getting OPNsense on a Protectli or something with 2 NICs. With an N150 or something?
But this saves power as the nas is already running anyways.
The current system is this
OS Version:25.10-RC.1
Product:X570 I AORUS PRO WIFI
Model:AMD Ryzen 7 PRO 4750G with Radeon Graphics
Memory:31 GiB
enp5s0 (ISP)
enp1s0 (network)
enx4a03acfe1576 (don't know)
br0 (network + NAS IP) 192.168.7.2/24
br1 (ISP)
di-b95febd57e23 (don't know)
enx0050b611d7af (backup network adapter if access is lost) 192.168.8.20/24
Thank you for your time in advance! For taking the time to read and answer this.