urgent - stuck with my opnsense config -IP V4 Fixed with a telco gateway

Started by niouflon, January 08, 2025, 04:10:04 PM

Hello, I just installed OPNsense on Proxmox (latest release) to replace my MikroTik router.
I am trying to reach the internet with a fixed IP like 47.10.X.Y/32 via my operator's gateway at 80.60.X.Y.
I must be in VLAN 300 and have a precise MAC address.
This works well on MikroTik, but not with my OPNsense config.
Several questions:
1/ I put a VLAN 300 on the network device in Proxmox which serves my WAN port. Should I also associate a VLAN 300 on the OPNsense WAN, or is it useless?
2/ I put the right MAC address on the network device in Proxmox which serves my WAN port. Should I also put the same MAC address on the WAN in OPNsense?
3/ How to check that I am reaching the gateway at 80.60.X.Y?
4/ How to check that I am connected to my public internet IPv4 47.10.X.Y?
Does someone have the same config (fixed IP, gateway, VLAN and MAC address on the WAN port) to reach the internet?

thanks in advance

Quote from: niouflon on January 08, 2025, 04:10:04 PM
Hello, I just installed OPNsense on Proxmox (latest release) to replace my MikroTik router.
I am trying to reach the internet with a fixed IP like 47.10.X.Y/32 via my operator's gateway at 80.60.X.Y.
I must be in VLAN 300 and have a precise MAC address.
This works well on MikroTik, but not with my OPNsense config.
Several questions:
1/ I put a VLAN 300 on the network device in Proxmox which serves my WAN port. Should I also associate a VLAN 300 on the OPNsense WAN, or is it useless?
2/ I put the right MAC address on the network device in Proxmox which serves my WAN port. Should I also put the same MAC address on the WAN in OPNsense?
3/ How to check that I am reaching the gateway at 80.60.X.Y?
4/ How to check that I am connected to my public internet IPv4 47.10.X.Y?
Does someone have the same config (fixed IP, gateway, VLAN and MAC address on the WAN port) to reach the internet?

thanks in advance

1) Exactly - the WAN should be associated to the VLAN interface.
2) I believe you have to set this in the main interface (that serves the VLAN). The field is, not surprisingly, "MAC address". I haven't used Proxmox, so if there are any caveats related to it, other folks will have to chime in.
3) Well, there's a Ping tool under Interface Diagnostics...
4) AWS? Not sure offhand if you can ping that. You can use the firewall live log to observe filter logs as you test it (live test).

[Edit; sp] Good luck. I imagine others here will have corrections/additions.

On the WAN side, given there will only be one VLAN used, you might as well make the bridge VLAN aware and specify VLAN & MAC in the VM network config.
Don't do anything VLAN related in the VM for the WAN.
In this configuration, I believe the bridge adds the VLAN tag (as a switch would do it on an access port).
This is a fairly typical configuration for untrusted VMs. Assign WAN to vtnetX during install.
You can be stricter by editing /etc/network/interfaces (examples here).

On the LAN side, if you plan on using VLANs too, you can pass the entire bridge down and do all VLAN management in OPN (as you would with PCIe passthrough).
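
The WAN-side setup described in the post above, as an added example that is not part of the thread and not Proxmox's or OPNsense's own documentation: a VLAN-aware bridge limited to VLAN 300 on the Proxmox host, with the tag and MAC set on the VM's network device. The names eno2 and vmbr1, and reading "stricter" as restricting bridge-vids, are assumptions; <VMID> and <MAC> are placeholders.

```conf
# /etc/network/interfaces on the Proxmox host (constructed example)
# eno2  = physical NIC cabled to the operator's equipment (assumed name)
# vmbr1 = bridge used only for the OPNsense WAN (assumed name)

auto eno2
iface eno2 inet manual

# "inet manual" with no address line: the host takes no IPv4 address
# on this bridge, so only the VM talks to the operator's network.
auto vmbr1
iface vmbr1 inet manual
        bridge-ports eno2
        bridge-stp off
        bridge-fd 0
        bridge-vlan-aware yes
        # Proxmox's default for a VLAN-aware bridge is "bridge-vids 2-4094".
        # Allowing only the VLAN in use keeps every other tag off this bridge.
        bridge-vids 300

# Attach the OPNsense VM's WAN NIC from the host shell. <MAC> is the
# address the operator expects, <VMID> is the VM's numeric id:
#
#   qm set <VMID> --net0 virtio=<MAC>,bridge=vmbr1,tag=300
#
# tag=300 makes the VM's bridge port behave like a switch access port:
# frames from the VM are tagged 300 towards eno2, and the tag is removed
# on the way back. Inside OPNsense, WAN is then assigned to the plain
# vtnetX device, with no VLAN device on the WAN side.
```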