Cannot access internet or webgui from LAN

Started by eakteam, January 31, 2024, 09:30:20 PM

January 31, 2024, 09:30:20 PM Last Edit: January 31, 2024, 10:17:53 PM by eakteam
Hello everyone. I'm struggling to set up a working network in my cloud services.

The setup is as follows:

Dedicated Server (1 Public IP) -> Proxmox ->(NAT) OPNsense -> Other VMs connected to lan

In Proxmox I have the following configuration in /etc/network/interfaces:

source /etc/network/interfaces.d/*

auto lo
iface lo inet loopback

auto enp0s31f6
iface enp0s31f6 inet static
        address 94.130.x.x/26
        gateway 94.130.x.x

auto vmbr0
iface vmbr0 inet static
        address 10.10.10.1/24
        bridge-ports none
        bridge-stp off
        bridge-fd 0

        post-up echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up   iptables -t nat -A POSTROUTING -s '10.10.10.0/24' -o enp0s31f6 -j MASQUERADE
        post-down iptables -t nat -D POSTROUTING -s '10.10.10.0/24' -o enp0s31f6 -j MASQUERADE
        post-up   iptables -t raw -I PREROUTING -i fwbr+ -j CT --zone 1
        post-down iptables -t raw -D PREROUTING -i fwbr+ -j CT --zone 1

auto vmbr1
iface vmbr1 inet static
        address 172.16.0.1/24
        bridge-ports none
        bridge-stp off
        bridge-fd 0


OK, so I created a new VM (OPNsense), then installed and configured it as follows:

WAN -> vtnet0 (bridge to vmbr0 at Proxmox Server)
LAN -> vtnet1 (bridge to vmbr1 at Proxmox Server)

WAN configured with 10.10.10.2/24
LAN configured with 172.16.0.1/24 DHCP(yes) Range: 172.16.0.2-172.16.0.254

After that I created another VM (Ubuntu) and connected it to vmbr1 (LAN of OPNsense connected to Proxmox vtnet1).
The client gets its IP successfully via OPNsense DHCP as follows -> IP 172.16.0.2, Gateway 172.16.0.1, DNS 172.16.0.1

But this client cannot access the internet or even the OPNsense GUI from there.

From the OPNsense shell I can ping the client IP 172.16.0.2, and I can also ping google.com or 8.8.8.8.
From the client I can ping 172.16.0.1 but not google.com or 8.8.8.8.
I also can't open the OPNsense GUI from the client via 172.16.0.1.

The output of cat /etc/resolv.conf from the OPNsense shell is as follows:

domain localdomain
nameserver 172.16.0.1
nameserver 10.10.10.1
search localdomain


What am I doing wrong? I've spent more than a day trying to figure it out, but nothing helped.
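
A check for the addressing described in this post, as an added example that is not part of the original post: it parses the bridge stanzas from the /etc/network/interfaces above and flags any IP configured on more than one endpoint of the same bridge, here 172.16.0.1 on both the Proxmox host's vmbr1 and the OPNsense LAN. The helper names, the tuple layout, the client NIC label "nic0" and its /24 mask are assumptions made for the example.

```python
import ipaddress

# Bridge stanzas as posted (the redacted public NIC is left out).
HOST_INTERFACES = """\
auto vmbr0
iface vmbr0 inet static
        address 10.10.10.1/24

auto vmbr1
iface vmbr1 inet static
        address 172.16.0.1/24
"""

# Guest NICs as described in the post: (vm, nic, bridge, address).
# "nic0" and the client's /24 mask are assumed; the post gives only its IP.
GUEST_NICS = [
    ("OPNsense", "vtnet0", "vmbr0", "10.10.10.2/24"),
    ("OPNsense", "vtnet1", "vmbr1", "172.16.0.1/24"),
    ("Ubuntu", "nic0", "vmbr1", "172.16.0.2/24"),
]

def parse_host_addresses(text):
    """Return {iface: IPv4Interface} from ifupdown 'iface'/'address' lines."""
    addrs, current = {}, None
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 2 or fields[0].startswith("#"):
            continue
        if fields[0] == "iface":
            current = fields[1]
        elif fields[0] == "address" and current:
            addrs[current] = ipaddress.ip_interface(fields[1])
    return addrs

def find_conflicts(host_text, guest_nics):
    """Return (bridge, ip, first_owner, second_owner) per duplicate IP on a bridge."""
    endpoints = [("proxmox-host", br, br, str(a))
                 for br, a in parse_host_addresses(host_text).items()]
    seen, conflicts = {}, []
    for owner, nic, bridge, addr in endpoints + list(guest_nics):
        key = (bridge, ipaddress.ip_interface(addr).ip)
        if key in seen:
            conflicts.append((bridge, str(key[1]), seen[key], f"{owner}:{nic}"))
        seen.setdefault(key, f"{owner}:{nic}")
    return conflicts

if __name__ == "__main__":
    for bridge, ip, a, b in find_conflicts(HOST_INTERFACES, GUEST_NICS):
        print(f"{bridge}: {ip} is configured on both {a} and {b}")
```

A duplicate address on one layer-2 segment leaves it undefined which machine answers ARP for the client's gateway.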