Topic: OPNsense in Proxmox: Difficulty crossing Vlans across Cisco switch (Read 1230 times)
StudlySpud
on: January 18, 2024, 05:17:24 am
Hi all!
I have spent the last four days setting up a home network. Essentially it is Proxmox running on a mini Dell box with two NICs, and OPNsense running in a VM, then on into a Cisco SG300 switch. I have gotten fairly far from following guides on YouTube and also on these forums. I feel I'm almost there, but I am faced with a problem where I cannot access devices across subnets.
My setup is as follows:
Proxmox has a Linux bridge to one adaptor, enp1s0; this is the WAN port. WAN in this case is my existing home network, internet router, other devices.
Proxmox has a Linux bridge to one adaptor, eno1; this is the LAN port.
Additionally there are two Linux VLANs created from the eno1 adaptor, with VLAN tags, which are then bridged as new adaptors. These four total adaptors are fed into the VM. These are not VLAN tagged into the VM (although I have tried that).
(See screenshot).
I have settled on this method as the most functional; I found I couldn't get VLAN communication at all when I just had the one LAN interface and tried to push VLANs through it.
Cisco switch is in L2/Switch mode. I have set up a single port #25 as Trunk.
This brings me to my first worry - typically the guides I see have one port as LAN management, and a second port (or LAGG'd ports) as the VLAN trunk.
First question: is it possible to manage VLANs between OPNsense and Cisco switch with a single physical interface?
In OPNsense, I have created and tagged two VLANs, and parented them to the extra LAN interfaces: .10 and .20.
Each interface has a static IP, for example 192.168.1.10. Each interface has DHCP set up.
In addition, I have a firewall floating rule which should apply to all interfaces, which permits any traffic, from anywhere, on any port. This is for the sake of this testing.
In the Cisco switch, I have the trunk on port 25. I have a device on LAN1 on port 1. I have a device on VLAN10 on port 8. I have a device on VLAN20 on port 9. (Ignore the other ports in the screencaps - they were from initial setup for this part of the test).
What is working:
Devices (both PCs) on LAN1 and LAN10 got an IP via DHCP.
These PCs can ping all the gateways on the OPNsense box - 192.168.10.1, 192.168.20.1. These PCs can also access the internet, and devices on WAN.
Device (NAS) on LAN20 got an IP via DHCP. (I know this as I can remote in through a separate backdoor via the WAN interface into the secondary NAS ethernet port).
OPNsense can ping all three devices.
Cisco switch can only ping the two PCs - not the NAS.
What is not working:
Cisco switch cannot ping the NAS.
PCs cannot ping the NAS.
PCs cannot log in to the NAS via this interface (they can log in via the other interface).
Final clues:
I can see my attempt to connect to the NAS in the firewall log (PC at 192.168.1.101 to NAS at 192.168.20.100). I'm a little surprised to see it accepted by the rule "let out anything from firewall host itself", rather than "Allow all traffic testing".
Is anyone able to shed some light here? What am I not quite grasping to get the VLANs communicating with each other? Thanks for reading thus far! I apologize if the screenshots are a bit small; I had to fit around the file size limits here.
Last Edit: January 18, 2024, 10:53:06 pm by StudlySpud
StudlySpud
Reply #1 on: February 22, 2024, 04:10:19 am
OK all, I have solved it! You must set the default gateway for each VLAN interface on OPNsense to itself: 192.168.1.1.