Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - apiening

Pages1
#1
Virtual private networks / Re: OpnVPN client static IP [SOLVED]
April 22, 2024, 04:35:53 PM
Can you please describe where exactly I can find this setting "persist-remote-ip"?
Is it related to the Server instance or to client specific configuration?
I can't find it on my OpnSense 24.1.1 instance.
#2
22.1 Legacy Series / IPv6 routing setup with virtualized OPNsense and internal VM network
June 10, 2022, 12:36:54 PM
I'm struggling with adding IPv6 to my setup, here is what I have:

Code Select

           ┌───────────────────────────────────────────────────────────────────────────────────────────────────────────────┐
           │                                                                                                               │
           │                                        Virtualization Host (Proxmox)                                          │
           │                                                                                                               │
           │                            ┌───────────────────────────────────────────────┐     ┌─────────────────────────┐  │
           │                            │                                               │     │                         │  │
           │                            │                       OPNsense                │     │          VM01           │  │
           │                            │                                               │     │                         │  │
Public     │  vmbr0 - 2a01:...::2/64    │ vtnet0 - 2a01:...::3/64       vtnet1 - XXX/YY │     │ eth0 - 2a01:...::10/64  │  │
───────────┼────────────────────────────┼────────                                ───────┼─────┼──────                   │  │
           │                            │                                               │     │                         │  │
           │                            └───────────────────────────────────────────────┘     └─────────────────────────┘  │
           │                                                                                                               │
           └───────────────────────────────────────────────────────────────────────────────────────────────────────────────┘


I have a Virtualization Host (Proxmox) which is connected to the public internet. The IP-address 2a01:...::2/64 is assigned to the public interface vmbr0 and the host is reachable.

I have installed OPNsense in a VM which is connected with one interface to the public bridge vmbr0 and with a second interface to an internal bridge vmbr1.
The WAN interface vtnet0 of the OPNsense router has an IPv6 address 2a01:...::3/64 assigned and is reachable from the public internet.

What I want to achieve:
An IPv6 DHCP Server on the internal interface vtnet1 of the OPNsense router should provide IPv6 addresses with the global prefix (let's say 2a01:...::10/64 to 2a01:...::100/64) to the internal VMs (VM01 in this example) with a static assignment, so that public IPv6 communication is possible but of course controlled with Firewall rules.

My current questions / issues:

  • How should I configure the internal interface vtnet1 of the OPNsense router? Static IPv6 or SLAAC?
  • What address or prefix should be assigned to the LAN interface of the OPNsense router? An address with the global 2a01: prefix or a link local address?
  • How do I configure the IPv6 DHCP server? Especially, how do I configure the gateway and DNS servers to be assigned correctly?

I hope I was able to make my setup and my goals clear.
I have obviously some lack of understanding regarding this IPv6 router setup and I can't find a guide or reference setup, so any help on this is greatly appreciated.
Pages1