Messages

Would this be without adding an additional physical NIC to the system?

All,

I never did get this working, though I suspect I would have had to add another physical NIC to the system so that all traffic on that NIC could be tagged with the VLAN ID.

Instead, I went with the Unifi Security Gateway which, sadly, means that my time with OPNSense has come to an end. Love the software and hope to use it again sometime soon - I just wish things like these were easier (overall - this isn't OPNSense's fault).

KH,

It does, but it seems like everything has to be tagged with that VLAN. If that's the case (and I understand if it is) then I need another physical NIC in the system to allocate to OPNSense.

I have 4 NICs; 1 is from the WAN to OPNSense, 1 is from OPNSense to the LAN, and 2 are in a NIC team for the other VMs on my Hyper-V instance.

I can't create a new Hyper-V switch with a VLAN tag and pull any of the above NICs as they're already in another Hyper-V switch.

At least that's what it seems.

Would this mean, then, that I need another physical NIC connected to it's own virtual switch and everything tagged with the VLAN?

And there I see the problem. Are you sure that Hyper-V is supporting to set the VLAN inside of a virtual machine? I always had issues with VLANs inside of a virtualized environment. I created them in the hypervisor to get them working. And if I remember correctly there was a thread where someone run into the maximum number of networks for OPNsense inside a Hyper-V VM because it only worked if the VLANs were created in Hyper-V.
Try to create a VLAN in Hyper-V and assign it as a interface in the OPNsense VM.

KH

No, I'm not sure. I know enough Hyper-V to manage things but start to get lost when it comes to VLANS/Tagging/etc. I'm not completely clueless, but I'm also no guru.

I created a 3rd NIC and added it to the Hyper-V guest running OPNSense.



Here's my virtual switch manager (note, I can't create another switch with the teamed NICs as they're already in a virtual switch)



I realize that I'm (probably) rapidly approaching what this fourm can do to help - I'm grateful for any info/advice/etc. that anyone has to give.

Thanks!

What screenshot(s) would you like re: the DHCP server. I'm pretty sure I enabled it.

This makes sense and I though it was weird (in one of the guides) that they said to use "Guest".

I can connect to the wireless network but I'm not getting an IP address. My ultimate goal would (eventually) be to have my Windows DHCP server act as the DHCP server for this network - would setting this up be any easier or just add an unneeded layer of complexity at this point. I'm happy to continue on with trying to get OPNSense setup as my DHCP server.

And the guest network is setup as vlan only with correct vlan id?

99% certain I've got the right network port chosen for the VLAN.

OPNSense is running in an Hyper-V instance with a dedicated dual NIC (one NIC for WAN and one NIC for LAN).

I believe so:

From what I can see it looks like the port on my switch that OPNSense is plugged in to is passing all VLAN traffic:

I did manually add two DNS servers to the DHCPv4 pool for the guest network




How do I check the switchports? I **think** unifi passes all VLAN information to all ports - I briefly checked this but couldn't find anywhere to set it.

I can create the DNS rule, however, wouldn't me not obtaining an IP address from the pool be a larger issue?

Thanks!

Sorry all - somehow I did not have notifications turned on for replies. I've since fixed that and should be more responsive in the future.

Thanks again.

A mistake I made waaay early on with unify is I didn't set my trunk port that goes to my firewall to "all" so that it'll trunk all your vlans. 

Is there a guide on how to do that?