[SOLVED] Accessing VM's between two lan networks

[Snek]

Hello,

I have a small ESXi host for my VM’s and recently I have decided to create another lan network for tests behind an OPNSense VM. I can ping and RDP from the Test lan VM any VM or PC on the Primary LAN and also access the internet, but I cannot ping or RDP VM’s on the Test LAN from the Primary LAN. I have not created any custom rules on the OPNsense VM. How can i resolve this issue?

Any help regarding my issue will be greatly appreciated.


Here are my settings:

Primary LAN
IP: 192.168.200.0/24
GW: 192.168.200.1 - OPNSense FW
DNS: 192.168.200.43 - Windows DC VM

Test LAN
IP: 192.168.220.0/24
GW: 192.168.220.1 - OPNSense VM
DNS: 192.168.220.10 - Test lan DC

Here is a diagram of my setup:



Thank you in advance.

[dseven]

It's not working because hosts on the Primary LAN are pointing to your OPNsense FW, but it has no route to 192.168.220.0/24.

You could add a static route for it, but then you get into an asymmetric routing scenario, because return traffic from Test LAN will not pass through your OPNsense FW. See https://docs.netgate.com/pfsense/en/latest/routing/static.html#asymmetric-routing

Alternatively, you could add static routes for 192.168.220.0/24 to each of your LAN hosts, pointing to your OPNsense VM, but that's not going to be easy to manage.

Either way, you'd also have to make sure that NAT is disabled on the OPNsense VM.

[Snek]

Thank you for the information. Will update the thread with the outcome.

[Snek]

@dseven thank you for your help.

Everything works now. I added in my hardware opnsense a gateway pointing to the ip of the opnsense vm then created a route and i can now have full access from the primary lan to the test lan.

Will change the title of the thread to solved.