Messages - HarounM

#1
Thank you everyone for your replies. I just wanted to say that I've solved this problem by rebooting the system after applying the rule (saw it on some tutorial and weirdly enough it worked). Just for the sake of learning and sharing knowledge, here is some clarification on my setup:
- By WAN I'm referring to the interface that OPNsense names as that, but in reality it is bound to my ISP router, so it is situated on my main router's LAN, which is why I'm not worried about exposing the GUI.
- I could be mistaken by using the term router-on-a-stick, I've just learned it xD
- I'm not using OPNsense as a router (I don't have anything fancy in my network nor do I have the appliances that allow me to use it as such). I'm using OPNsense to have an easy way to set up a WireGuard server that would allow me to remotely access my homelab. Plus, my homelab contains malware analysis VMs so it would be useful to have a firewall controlling them.
#2
I have just started using OPNsense and I'm having quite the struggle trying to access the GUI over WAN. I'm running OPNsense virtualized inside a Proxmox VM and I'm just planning on using it as a firewall for the other VMs (that are linked to a virtual bridge with no physical interface) and as a WireGuard server for remote access, so no routing at all. My machine has only one NIC and I do not need more, just that single port to link it to my ISP router/modem. My setup is like this:
ISP router/modem (192.168.100.1/24) <--> Proxmox vmbr0 (192.168.133/24) <--> OPNsense WAN (192.168.100.119/24)
OPNsense LAN (192.168.133.1/24) <--> Proxmox vmbr1 <--> Proxmox VMs (none right now)

I have tried to disable the private network block on the WAN interface and add both NAT port-forwarding and fw rules to pass all traffic coming from the WAN net to the WAN net, to no avail. Checking the logs, I do see incoming packets that are blocked, apparently by a default block fw rule. And inspecting my WAN pass rule, I notice that it is evaluated but never matched.
How could I solve this problem, as accessing the Web GUI from a VM is not really practical?