Messages

My OPNsense has crashed a couple of times for no apparent reason. The system simply wasn't responding: no connected device was getting an IP address, although it was responding to pings. So I had to reset the system.

I've attached the log, but it's quite perplexing. The only thing I see is that the WAN DHCP6C interface stops responding (confirmed at 2026-01-15T01:41:07 by the Home Assistant log). I really don't see anything else that would indicate a problem.

Can a WAN interface failure cause the entire system to crash? I'm asking the experts to clarify this point because I don't know how to interpret it.

Thank you very much.

Why not enable DHCP in all interfaces?
Yes, there is a single option in DNSmasq section. I already read that Kea is, perhaps, the best option. I'll check once I finish setting what is working now.
Apprecite!

But...

"Interface IPs used to respond to queries from clients. If no interfaces are selected, Dnsmasq will listen on all available IPv4 and IPv6 addresses by default. However, DHCP related firewall rules will only be added for explicitly selected interfaces, never for all interfaces."

I finally got it!
Following viragomann's instructions led to the solution.
There are still some details to add.

1. Add the listening interfaces to the DNS (in my case, DNSMASQ).
2. Add the listening interfaces to AdGuard (which isn't trivial). You either have to modify AdGuardHome.yaml, or delete it and start over.

Now I'll add blocking rules between VLANs so it behaves the way I want.

I've added a new photo with the final settings into the first post, so newbies like me don't have to waste so much time.

THANKS EVERYONE!

I am running into the same problem as you, but I just read an article where it talks about creating a Linux bridge, assigning an IP, and that becomes the LAN side. My problem with that is that my network has a few vlans, so how do I get those in the OPNsense config also?

If you run OPNsense virtualized you can do the whole VLAN termination on the hypervisor, Proxmox in your case. So you don't need to create any VLAN inside OPNsense, just add a virtual interface to it for each.
Or you do the VLAN termination inside OPNsense. Both is possible.

In both cases you need to enable VLAN awareness on the Proxmox bridges.

I see! So, it would be enough to assign the corresponding VLANs to the interfaces created on the host and forget about that in the OPNsense section. Makes sense! I'll definitely test it tomorrow!
Thanks.

I would prefer to use OPNsense for VLAN termination, so Proxmox is just another server in the server VLAN.

Right now I have these VLANs:

A) VLAN 2: this is my WAN interface and any network devices for mgmt purposes.
B) VLAN 3: this is my server VLAN.
C) VLAN 10: this is my wireless VLAN.
D) VLAN 12: this is my guest wireless VLAN.
E) VLAN 20: this is my streaming VLAN.

Ideally I want setup VLANs on OPNsense, as part of the VM install. I can pass to the OPNsense VLAN a Linux bridge that is VLAN aware and then carve up the needed VLAN interfaces within OPNsense. Does all of this make sense? I am going to build my Proxmox config and OPNsense VM config and will detail them here.

Thanks,
Steve

I'll appreciate that info because I can't reach any suitable exit to what I need.
Thanks in advance.

It seems there's not much activity here.

Sadly you didn't provide the requested information. So it's hard to help.

It seems there's not much activity here.

Sadly you didn't provide the requested information. So it's hard to help.

I provided all the info days ago.

It seems there's not much activity here.
I've also read and watched quite a few articles on the subject, but nothing that I know how to make work in my case.

Thanks a lot for the replay.

I've added two pictures with the switch config and here the PROXMOX network config.

pppoe1 is on vnet0 in the config witch is working now.
On the new version (the one that doesn't work) I create one new vnet for every VLAN:
LAN: vnet0
WAN: vnet1
Guests: vnet2
IoT: vnet3
The name vnet0.24 is assigned by the system. When you try to create a new VLAN, a message says that the name has to begin with vlan0

Hello everyone.
I've spent quite some time searching on this forum and other sources ways to properly structure the equipment and systems I'll explain below, but I haven't been able to get it working. I'm convinced that some minor detail is missing, but it's preventing it from functioning correctly. This situation is frustrating.
That's why I'm asking for your help because I don't know what else to try.
We have a laptop with a single NIC, running Proxmox, with OPNsense as main router, in addition to other systems (Home Assistant, OpenMediaVault, and others on standby). The IoT devices at home have grown (now I got 23) and there are two Chinese IP cameras, so I wanted to isolate them from the rest of the network. I wanted to add a guest network too.
At this moment, the system is working like the first picture.
I obviously don't understand how it works (which is embarrassing), because if I set port 1 of the switch to UNTAGGED (as I believe it should be), there's no internet access.
The only thing I can think of is that the tags are being lost through Proxmox, and everything is truly untagged. The connection to the ISP works because it's via PPPoE. Is that correct?
What I'm trying to achieve is something like the second.
But it doesn't work.

HELP!!!!!