Messages

This is what I was thinking in Proxmox:
OpnSense config (GUI @ 192.168.1.1):
--WAN--
vmbr1 (bridged to WAN# 1 physical NIC, IP: 192.168.10.2).
vmbr2 (bridged to WAN# 2 physical NIC, IP: 192.168.11.2)
--LAN--
vmbro 10 (virtual interface #1 for OpnSense LAN -> OpenWrt WAN1
vmbro 20 (virtual interface #2 for OpnSense LAN -> OpenWrt WAN2

OpenWrt config (GUI: 192.168.40.1):
WAN1: vmbr10 (static IP, 192.168.10.2)
WAN2: vmbr20 (static IP, 192.168.11.2)
--LAN--
vmbr0 (bridged with physical NIC connected to downstream dhcp router @ 192.168.100.1)

Yes, each box is physically a router (LAN: 192.168.10.x) connected to a unique public IP (its WAN) (one can be a mobile tether/hotspot etc.)

Was looking for an upload icon but you just drag underneath the body!

https://imgur.com/a/2BKqgJm

here is the link, can you see it?

** In addition to that, I am not sure how I would route it through OpnSense.

Is that more clear? :-)

Need help with a complex project. I am able to use OpnSense firewall but as a single WAN interface and hand it off downstream to a router. However, when this is the case, I run into issues with routes and gateways since I can't see specifics.

Instead, I've been trying to figure out how I can have the OpnSense firewall merely do its job on two WAN interfaces being bridged (via Proxmox on same machine) to my OpenWRT router.

I read the manual and saw there was some information about MultiWAN, but I do not want OpnSense to do any failover/load-balancing. Just follow my firewall rules and and move WAN# 1-2 down to OpenWRT. Have not been able to get it to play nicely - either I will lose connectivity to OpenWRT or one of the interfaces will be lost.

Machine running Proxmox has 3 NIC's (two for WAN, one for LAN).

Hey,

I just mean like maybe a plugin that can help "assign profiles" - VPN clients to devices. While for many of the folks here on this forum it might not be that complicated, I've had a hard time loading client config's to connect to VPN's.

For example, say I want a static IPv4 lease (my phone) to always be connected to a wg tunnel for browsing privacy/Youtoube adblocker etc. I find it bit complex how to add a quick wireguard profile and assign it to the device. I've spent a good few days learning about the OPNsense framework, and I know I could learn this too. But a plugin for "plug-and-play" would be nice!

Have a great weeekend

Hey,
This might be a bit of a reach for most of the pro's out here...but I've grown to enjoy the VPN Profile configurator's like the one from the Asus routers. It's basically a nice GUI that allows you to [graphically] select which devices are transmitting traffic through which tunnel (assign profiles).

Does anyone know if there's anything like that available?

Here's a few pics from the non-Merlin FW's, but each is somewhat different aesthetically.
https://www.asus.com/us/support/faq/1011232/