Unraid server web GUI access (with no switch)

[P195]

Hi All,

I currently have 2 PC's and my unraid server connected to the three LAN ports of my mini pc as I don't yet own a switch (but I've ordered one).

In the meantime, if I want to be able to access the unraid server web GUI on one of those PC's do I need to use a bridge or can I just create firewall rules to allow communication?

I've tried creating firewall rules but have been unable to access the web GUI. I'm not sure if that's because it's not possible or because I've set up the rules incorrectly. If I can do it with rules, can you advise how I should set it up please?

Thanks,
P195

[Patrick M. Hausen]

I recommend creating a LAN bridge over your three ports. Just follow the official documentation.

https://docs.opnsense.org/manual/how-tos/lan_bridge.html

Don't forget step six!

[P195]

Thanks for the recommendation, I'll give it a try this evening.

[P195]

So I've created the bridge as per the docs, and have internet access on my PC's.

I've booted the unraid server (non gui mode) and entered my username and password and it's now sat at root@tower:~#

According to the unraid quick install guide (https://docs.unraid.net/unraid-os/getting-started/quick-install-guide/#setting-up-the-unraid-os) it states:

Connecting to the Unraid WebGUI

There are two methods to connect to the WebGUI in Unraid, and you can always:

    Boot Unraid in GUI mode and login (username is root, no password by default).
    Open a web browser from your Mac or PC and navigate to http://tower.local

When entering http://tower.local in my browser I cant reach the GUI. Is that because I need to do some additional configuration in OPNsense (rules?) to allow the PC's to access the unraid GUI or should I be able to connect directly now that I've configured the bridge?

Thanks

[Patrick M. Hausen]

If you followed the documentation to create the bridge, your three LAN ports are now (sort of) a switch. And a single interface from OPNsense's point of view. You have the assignment (Interfaces > Assignments) of "LAN" on the bridge interface now, right? And you did set the two tunables from step 6 in the docs and rebooted your OPNsense?

If the answer to all of this is "yes", than again your three ports are now a "switch" and there is nothing involved on the part of OPNsense for a device on one port to communicate with a device on another port.

You will have to take this to the UnRAID community or someone knowledgable with that particular product. I am not.

Kind regards,
Patrick

[EricPerl]

Does tower.local resolve to an IP? If it doesn't, that's a mDNS issue.
You can try to solve that (first thing to check is that OPN is not in a .local domain itself) OR find the IP (for example from DHCP leases) and access by IP.

[P195]

Thanks guys, yes that's right I have the LAN (igc1) assigned to the bridge interface. I set the tunables and rebooted as per the guide.

When going to Services > ISC DHCPv4 > Leases I see:



So I tried entering 192.168.49.110 into the browser but that didn't resolve.

Sorry, how do I find out if tower.local resolves to an IP, and check that OPN is not on a .local domain ?

[Patrick M. Hausen]

Thanks guys, yes that's right I have the LAN (igc1) assigned to the bridge interface. I set the tunables and rebooted as per the guide.

You cannot have the LAN assigned to igc1 and the bridge interface. It's either-or. It must be assigned to the bridge interface not igc1.

Please show your Interfaces > Assignments screen.

[EricPerl]

Is W11 your LAN? It's the only one that shows up under DHCP.
And once you sort out the bridge, I would expect your other 2 PCs to show up in that list (unless you have static IP configured properly).
The hostname is promising. mDNS might actually work fine once your basic setup is correct.

The OPNsense domain is in System > Settings > General -> Domain. It's also displayed at the top of the screen (root@OPNsense.<domain>).

[P195]

Sorry, my mistake. I was wrong in what I said.
What I should have said was what used to be igc1 is now bridge0 (W11), and igc1 is now assigned to opt3:

 

I've set up my own hostname and domain name under System > Setings > General so no, I believe that means it's not on a .local domain.

Is W11 your LAN? It's the only one that shows up under DHCP.

Correct.

[P195]

once you sort out the bridge, I would expect your other 2 PCs to show up in that list (unless you have static IP configured properly).

So unraid and mint should both have entries under Services > ISC DHCPv4 after setting up the bridge?

note: I had to disable the existing DHCP entries for unraid and mint in order to to change the interface IPv4 Configuration Type to none as mentioned in the guide (I got a red banner saying I couldn't change it until DHCP was disabled). Those entries then disappeared from the ISC DHCPv4 list.

[EricPerl]

If you followed the instructions in order, the static IP settings of W11 (your LAN) and DHCP settings for W11 should have been left untouched in step 3...
BTW, the assignments are the other way around: OPT3 assigned to igc1.
And you might want to change your interface names at some point (note that the instructions had you unplug/replug a cable in step 3, so your naming convention might no longer work).

In the final state, OPTx should have no IP configs (none, none), W11 is assigned to bridge 0 (your LAN bridge acting as a switch, encompassing the 3 OPTx). W11 should have a static IP (default 192.168.1.1) and DHCP should dish IPs for that subnet.

Once that's setup properly, any device connected to either ports should be able to get IPs assigned via DHCP and be able to communicate between each other. mDNS might even work.

[P195]

If you followed the instructions in order, the static IP settings of W11 (your LAN) and DHCP settings for W11 should have been left untouched

That's correct, no changes were made to these as I followed the guide precisely.

In the final state, OPTx should have no IP configs (none, none), W11 is assigned to bridge 0 (your LAN bridge acting as a switch, encompassing the 3 OPTx).

Yes I have no IP configs set for any of the OPT 1,2 or 3. W11 is now assigned as Bridge 0. The bridge contains member interfaces OPT 1,2 & 3.

W11 should have a static IP (default 192.168.1.1) and DHCP should dish IPs for that subnet.

Correct except I've changed mine to 192.168.49.1

Unfortunately though, I'm still unable to reach http://tower.local or the IP lease for the server of 192.168.49.110

[P195]

So I've gone through the whole guide again from scratch and followed to the letter.

Interfaces end up as:

[WAN]              WAN       igc0

[LAN Bridge]      LAN       Bridge0

[Win11]            OPT3      igc1

[Unraid]            OPT1      igc2

[Mint]               OPT2      igc3

Restarted all devices. Plugged in WAN cable to igc0, W11 to igc1, unraid server to igc2, left mint disconnected.

Once at console I see:

LAN Bridge (bridge0)  ->  v4:  192.168.49.1
Mint (igc3)                 ->
Unraid (igc2)              ->
WAN (igc0)                 -> v4/DHCP4:  192.168.1.207/24

I noticed W11 is not on that list, is that expected? On the W11 PC, there is no network access. Properties of adapter are set to "obtain an IP address automatically".

[Patrick M. Hausen]

You need to assign "W11" to bridge0 in Interfaces > Assignments.