- I give similar settings to the PFSENSE test firewalls (which are turned off). I check that all the settings are OK. I have my PC on the workshop network and a witness VM on the DMZ network (between OPNsense and Router WAN).
- On my PC, I have access to the internet and the configuration interface.
- I save the OPNsense VM.
- I configure my web server on a VM named Odoo; it will be on the Workshop network. I add the NAT forward (INT_WANFREEPRO, INT_WANFREEPRO address, 443, 192.168.0.100, 443,).
- From my workstation, I test a web request using the OPNsense IP address on the WAN side; I get the port redirection.
- On the witness VM, I have no response.
- I test different OPNsense settings to find the origin of this blockage.
- I modify the forward NAT (INT_WANFREEPRO, this firewall, 443, 192.168.0.100, 443,).
- Result: I lose access to the OPNsense administration interface on the INT_WORKSHOP side and instead I have my website.
- Restore the VM.
- I modify the NAT (INT_WANFREEPRO, 192.168.10.1, 443, 192.168.0.100, 443,).
- On the witness VM, I have no response.
- I test the firewall optimization and set it to "Conservation".
- On the witness VM, I get the website.
- On my workstation, I lose access to the internet and to the OPNsense administrative interface.
- Restore the VM.
- Impossible to have a packet response from the INT_WORKSHOP interface whether it is ping, port 443. No more network response.
- After writing this message, I regained access to the OPNsense administrative interface.
OPNsense is horrible to configure and does not guarantee its stability in a virtualized environment communicating with both VMs and physical computers.
If I want to no longer depend on pfsense, I need an OPNsense compatible configuration in a Proxmox VM that can communicate between VM and physical machine and have functional port redirections, while FREEPRO requires INT_WANFREEPRO to be in DHCP.