v24.1 install in KVM. 3x NIC-passthru. how2 config sshd/webgui 2 listen@ OPT1?

[pgnd]

i'm installing opnsense 24.1 in a linux-hosted KVM guest.

my host has a 4x port PCIe NIC.  i pass 3x to the opnsense guest.

Code Select Expand


virsh nodedev-list --tree
...
+- pci_0000_00_01_1
  |   |
igb0   |   +- pci_0000_10_00_0
  |   |   |
  |   |   +- net_enp13s0e0_c2_1f_66_8d_a4_e4
  |   |
igb1   |   +- pci_0000_10_00_1
  |   |   |
  |   |   +- net_enp13s0e1_c2_1f_66_8d_a4_e5
  |   |
igb2   |   +- pci_0000_10_00_2
  |   |   |
  |   |   +- net_enp13s0e2_c2_1f_66_8d_a4_e6
  |   |
igb3   |   +- pci_0000_10_00_3
  |       |
  |       +- net_enp13s0e3_c2_1f_66_8d_a4_e7
...


virt-install \
--name opnsense \
--virt-type kvm \
--connect qemu:///system \
--os-variant freebsd13.2 \
--arch x86_64 \
--boot uefi \
--nonetworks \
!! --host-device=pci_0000_10_00_0 \
!! --host-device=pci_0000_10_00_1 \
!! --host-device=pci_0000_10_00_2 \
...


install's all good.
from opnsense admin, i config intfcs/ips as:

Code Select Expand


WAN (igb0)  -> v4: static, 192.168.0.1/24
LAN (igb1)  -> v4: static, 10.1.1.1/24
OPT1 (igb2) -> v4: static, 172.16.0.1/24


atm,

   -- WAN is unattached
   -- LAN is unattached
   -- OPT1 is connected to my host/local-lan's switch; lan IPs are 172.16.0.2-254/24

i want to change opnsense config(s) so:

   (1) sshd
   (2) webgui

both listen @ OPT1 on 172.16.0.1, limited to connections from host/local-lan.

can those listeners be specified at the "virt-install" install step?
or, where in admin UI can those listeners be changed?
if only configurable @ opnsense shell, what specific config files need to be edited?