Messages

I agree with @Sheridan Computers above. I've had Proxmox working with OPNSense (and a Pihole) for the last couple of years on modest hardware (a thin client) with a 4-port network adapter (in pass-thru). I don't remember having to follow a guide, but there are plenty of them out there if you're not that familiar with the process.

Whilst my OPNSense config is relatively simple (PPPoE WAN, DHCP, Firewall, a few VLANs), it's still much more adaptable than a bog-standard consumer router.

I also have several other acquaintances who use Proxmox and OPNSense without any issues.

Never had a problem with software upgrades either, although I always take a snapshot first just in case.

Maybe, just maybe, the problem you're having isn't with Proxmox and OPNSense.

Not using PPPOE

Still worth checking that upstream gateway is checked on your WAN side.

Look at this thread:
https://forum.opnsense.org/index.php?topic=36688.msg179207


If your WAN side is PPPoE, then go to System -> Gateways -> Single. Edit your WAN_PPPOE connection and make sure that Upstream Gateway is checked. Don't forget to click Save.

This let's OPNSense know that this is your default gateway.

In a surprising twist the last update picked up the required security update. ;)


Cheers,
Franco

Let's hope the next update has a surprising twist and fixes the multiple squid vulnerabilities  ;) :

squid-5.9 is vulnerable:
  squid -- Multiple vulnerabilities
  WWW: https://vuxml.freebsd.org/freebsd/a8fb8e3a-730d-11ee-ab61-b42e991fc52e.html

This has been fixed in 23.7.7:
ports: curl 8.4.0

This issue also exists in 23.7.5, it's not specific to 23.7.6. In fact, looking at the versions of curl that this affects, it would have been an issue going back at least 3 years (and not just for OPNsense, but for any device that uses curl/libcurl).

Whilst it is a high severity vulnerability, it should only be an issue if you use a socks5 proxy - there are also some recommendations at the bottom of this page:
https://curl.se/docs/CVE-2023-38545.html