My VM's traffic not passing thur OPNsense

[smnaqvee]

Hi !

I set up OPNsense on proxmox with these network settings attached in image .
However not sure how to setup all VM's nrwork so that all VM's traffic route thru opnsense forewall where I can implement rules on traffic or use zenarmor.

Can anyone guide as my proxmox server has one NIC do I need 1 more ? Can opnsense work with attached settings and start routing traffic of all VM's through opnsnse . Any help appreciated thanks

Do I need to attach  same 3 network interfaces to all VM;s as well.

[bartjsmit]

Change the default gateway of the VM' s to OPNsense LAN IP address, same as (presumably) your DHCP clients are set to.

[viragomann]

vmbr1 is your VMs LAN network.

In Proxmox remove the IP address from vmbr1.

Connect the OPNsense WAN to vmbr0 and the LAN to vmbr1. Assign an IP to both, for the LAN you have to use a different subnet, however. The LAN IP is the default gateway for your VMs.

Connect all your VMs to vmbr1.
If you enable the DHCP server in OPNsense on LAN, the VMs get their IP, gateway and DNS settings automatically from OPNsense.
The VMs should have internet access then.

[smnaqvee]

Hello,

Thanks I made some chnages but still not sure right or worng pic attached my OPNsense firewall intrfcae is now accessible on 192.168.1.101.

So if these settings are correct then Ineed to reassign interfaces in OPNsense and assign IP as well.

[smnaqvee]

I tried reassiging the iterface from opnsense CLI based interface however only see 2 interfaces to play with
EM0
vtnet 0

I assigned WM0 to WAN and vtnet0 to LAN

[viragomann]

OPNsense can only see, what it gets provided from Proxmox.

It's recommended to provide virtIO network cards.

I suggested to assign different subnets to WAN and LAN. If both have IPs in the same subnet, OPNsense is not able to route any traffic.