General Discussion / vlan issue - Windows vm's not accessing internet or dns
« on: September 27, 2024, 05:09:02 pm »
So it sounds odd but truth is stranger than fiction...
I set up two vlans for my lab testing and for the most part that went fine. I have a vlan for Windows and a vlan for Linux. I'll spare all of the troubleshooting I went through, but the net issue is that my Linux VMs are getting dhcp, dns and are routable to the internet. My Windows VMs get dhcp, but don't appear to get DNS and can't reach any IP on the internet. It doesn't appear to be vlan specific. I can put a Linux VM on either vlan and it will get dhcp, dns, and route. I can put a Windows VM on either vlan and it will get dhcp, but no dns and no access to internet. If I put a Windows VM on the LAN interface (non vlan), it gets DHCP, DNS, and has internet access.
So here is my setup:
OPNsense server WAN interface to ISP modem
OPNsense server Lan interface to cisco 3650
Lan is my management vlan for all practical purposes
Vlans for my internal lab:
vlan 12 (linuxvms) (172.16.12.1/24)
vlan 14 (windowsvms) (172.16.14.1/24)
Each vlan has its own dhcp scope and I've added these interfaces to unbound. I've built a Proxmox server with a bond and bond.x for the vlans. Proxmox is set up with a LACP connection (2 nics) to a port-channel on the 3650. I defined all of the vlans and vlan routing on the 3650 and made the appropriate trunks, etc.
Each vlan was set up identically and at the same time with the same firewall rules (all access out to wan; allow access to DNS). (attachment)
After troubleshooting this for several days, this *feels* like a firewall rule, but it would have to be an automatic rule as I haven't changed or created any additional rules (outside of the ones for the vlans).
Any direction is much appreciated...