Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
Opnsense on a Proxmox VE 8 with a single NIC need multiple VLANS
« previous
next »
Print
Pages: [
1
]
Author
Topic: Opnsense on a Proxmox VE 8 with a single NIC need multiple VLANS (Read 6656 times)
Jarvar
Newbie
Posts: 5
Karma: 0
Opnsense on a Proxmox VE 8 with a single NIC need multiple VLANS
«
on:
October 04, 2023, 01:32:14 pm »
I'm sure this has been asked before but I have had trouble finding the answer.
Essentially I have an old Intel NUC where I installed Proxmox VE 8 on. I will most likely eventually get a Protectlii or build a box with multiple NICs.
However, I wanted to get the Opnsense VM up, running and tested before doing that.
I have the one NIC setup as a Linux Bridge in the hardware section as vmbr0
What I did get working was using the Opnsense VM to add additional network devices which will show vmbr0
and then net0.
I believe net0 is added by default and each subsequent network device will be added as net1 and so on.
The vlans work if I tag them in proxmox, and then add and assign them interfaces within the opnsense VM.
This works, but that means each time I want to create a VLAN, I need to first add a network device wichin Proxmox and to that specific VM, then go inside the opnsense VM and add and assign.
Is this the way to do it? or should there be a simpler way?
is there a way to just assign VLANS inside the Opnsense VM on the same network device?
There's probably a lot that I am missing. Please help and thank you.
Logged
Maurice
Hero Member
Posts: 1213
Karma: 158
Re: Opnsense on a Proxmox VE 8 with a single NIC need multiple VLANS
«
Reply #1 on:
October 04, 2023, 02:20:07 pm »
Tagging VLANs in the hypervisor and adding one virtual NIC per VLAN to the VMs is indeed the best way to do it, imho.
There are other ways, but keeping VLANs out of the VMs typically makes things easier and more reliable. At least that's my experience.
Cheers
Maurice
Logged
OPNsense virtual machine images
OPNsense aarch64 firmware repository
Commercial support & engineering available. PM for details (en / de).
Jarvar
Newbie
Posts: 5
Karma: 0
Re: Opnsense on a Proxmox VE 8 with a single NIC need multiple VLANS
«
Reply #2 on:
October 04, 2023, 04:08:26 pm »
Hello Maurice,
Thank you so much for your reply.
That's what has worked for me.
However, I'm trying to see if I can skip a step. For example, adding VLAN inside the Opnsense.
When I add a virtual NIC in Proxmox, it creates vtnet0,
then I assign interfances. LAN is set to vlan19 and vtnet0
then I assign wan to vtnet0 as well.
The opnsense portal or gui is then accessible from the IP given out for the WAN.
When I set an ip after assigning for LAN using vlan19 it becomes inaccessible,
Just wondering if anyone has setup vlan without creating a virtual nic tied to VM in proxmox.
This would avoid a two step process. Since I would be attaching all vlans to the same NIC anyways that was my thinking.
When I create a virtual NIC per vlan then it's like opnsense thinking I have more NICs then I have,
I know with other routers and firewalls I can pass several vlans through the same port without having to segregate them physically.
Thanks so much.
Logged
Maurice
Hero Member
Posts: 1213
Karma: 158
Re: Opnsense on a Proxmox VE 8 with a single NIC need multiple VLANS
«
Reply #3 on:
October 04, 2023, 05:17:44 pm »
I have no first-hand experience with Proxmox, so I can only give general advice which should apply to most hypervisors.
If you use one (untagged) virtual NIC per VLAN, you don't have to add VLANs inside OPNsense at all. Create the virtual NIC in the hypervisor and set the VLAN ID, assign it inside OPNsense, done.
On the other hand, if you only want one virtual NIC and do all VLAN configuration inside OPNsense, you have to configure the virtual NIC as a trunk in the hypervisor. This allows passing frames with any VLAN tag to and from the VM. Then you configure VLANs in OPNsense as you would with a physical NIC.
You could also make the physical NIC directly available to OPNsense (PCI passthrough), but on a system with only one NIC that's probably not a good idea.
Cheers
Maurice
Logged
OPNsense virtual machine images
OPNsense aarch64 firmware repository
Commercial support & engineering available. PM for details (en / de).
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
Opnsense on a Proxmox VE 8 with a single NIC need multiple VLANS