Messages

1

21.1 Legacy Series / Re: OPNsense on VMware ESXi

« on: June 16, 2021, 07:32:56 pm »

Thanks - thats what I was thinking - just was wondering if there is a way I could do it with a VLAN trunk to the OPNsense VM, so that I can use multiple VLANs across the switch. Sounds like an external physical switch would be required to do that, with a physical NIC acting as a trunk uplink on the vSwitch. Is that correct?

Either way for now I will just spin up a vswitch/port groups and add a new interface to the firewall.

2

21.1 Legacy Series / Re: OPNsense on VMware ESXi

« on: June 16, 2021, 06:22:27 pm »

How do I tag the uplink when the new vSwitch will have no connectivity outside of VMware? Ie it will have no uplink as far as vmware is concerned. Or do you mean tag the port group that corresponds to the interface on the OPNsense VM?

3

21.1 Legacy Series / OPNsense on VMware ESXi

« on: June 16, 2021, 05:40:41 pm »

Hi there folks,

Hoping someone will be able to help me with some networking configuration on ESXi.

We have one physical server, running VMware ESXi 6.7 or 6.5 (can't remember which).
This server hosts the virtualised OPNsense firewall we are using, as well as around 5 or 6 VMs.
These VMs are connected to the VMNetwork default network on VSwitch0, as is the LAN interface on the OPNsense firewall. The physical uplink on vswitch0 is to a physical switch on vmnic0. WAN connection from modem is to vmnic1, with a dedicated vswitch and port group, assigned to WAN interface on OPNsense.

Where I'm running into problems, is there is now a need to add a further VM, that is in a separate VLAN from the other VMs.

What I have done so far;
Created new VLAN, using the LAN interface as parent interface. Specified VLAN tag (20), and specified subnet and DHCP information. I then added a portgroup to the default vswitch, specified VLAN tag 20, and assigned as interface to new VM. However when I boot the VM - it is not receiving any DHCP information, and cannot reach the firewall using the VLAN gateway IP.

If I understand what is happening, the VLAN tags are not being passed by the physical switch.

If I understand this correctly, I could configure a new vswitch with no uplink external to the VMware instance and add the OPNsense VM and the new VM to portgroups on this switch. Going forward, would I need to create a new interface on the firewall for any future VLANs, or could I configure a VLAN trunk to the vSwitch (it has no "uplink" as such)?

4

20.7 Legacy Series / Multi-WAN Gateway Group help

« on: October 06, 2020, 07:10:48 pm »

Hi there,

Looking for a bit of help on setting up gateway groups with 2 WAN interfaces and their respective gateways.

So I have created two WAN interfaces, both PPPoE, and OPNsense automatically creates a gateway for the one that is defined as WAN (as opposed to OPT1). I cannot get OPNsense to automatically create a gateway for the second WAN interface (OPT1), and when I create one manually, the gateway will never come online, even though the interface shows that it is connected. What I'm trying to do is load balance between both the WAN connections, but as only one is coming online, this is proving difficult

Any ideas?

Quin