I have a tiny lenovo m900 which i added a second ethernet port to and i’m trying to set it up as a proxmox server with OPNsesne. I’ve got the OPNsense VM setup with the two ethernet ports bridged to it. Everything is working fine on the network except my proxmox server doesnt have an internet connection. How can i set it up so that one of the ports acts as my LAN default gateway and also functions as the management port for proxmox. I’m guessing that’s what is causing this issue.
Add each hardware NIC to its own Linux bridge. Add two VNICs to the opnsense VM. In proxmox gui, assign an address to the LAN Linux bridge for the management interface. That’s what I do and I’ve had no problems for over a year. It works fine with near 1gbps symmetrical connection.
I’m a little confused. I think that’s exactly how I have it set up currently. The problem is that proxmox doesn’t get an internet connection. I’m unable to ping out or resolve dns from proxmox. The rest of the network is getting internet though. I reserved a static ip in OPNsense for proxmox. Could that be causing a problem?
It really depends on how you have your /etc/network/interfaces set up. For one of your bridges, proxmox needs to have an IP. If you want proxmox’s traffic to go through OPNsense, it should have an IP on the LAN bridge. You have to make sure the interfaces file explicitly sets a static IP or explicitly says it will get its IP via DHCP.
Since you set a static IP on OPNsense for Proxmox, you will need to manually set it to use DHCP on the LAN bridge. In my experience, this does not work because Proxmox will fail to get an IP via DHCP if OPNsense is not up yet. I highly recommend you set a static IP in the interfaces file.
Add an IP to one of the bridges, Proxmox will then use that bridge with that IP.
Proxmox lets you do that? Don’t. Just give the opnsense VM a virtual NIC and do a router-on-a-stick configuration.
You could also just assign one physical port to the opnsense VM and still do a router-on-a-stick.
Although personally, I wouldn’t recommend virtualizing your network gateway. If you break Proxmox, you’ll also lose Internet access. And if you have to do maintenance on Proxmox, same issue.
The inverse is my recommendation to virtualize the firewall, easy backups/snapshots, migrate to another host, setup CARP, etc.