Hey guys,
I’m looking for a bit of help please 
I have Proxmox installed which I plan on using for some virtualised machines for web development work. I am also looking to install OPNSense on this node as well.
Proxmox Node Config:
1x Onboard motherboard ethernet port.
4x PCI ethernet ports through a NIC.
Port IDs as follows:
enp2s0 - Onboard ethernet port.
enp1s0f0 - enp1s0f3 - PCI NIC
Within Proxmox under System >> Network I have the following:
Bond0 - enp1s0f0 and enp1s0f1 as slaves.
enp1s0f0
enp1s0f1
enp1s0f2
enp1s0f3
enp2s0
vmbr0 - enp2s0 as slave.
vmbr1 - Bond0 as slave.
vmbr2 - enp1s0f3 as slave.
The Proxmox ‘firewall’ option is disabled on all adapters.
OPNSense Virtual Machine Config:
Under the OPNSense virtual machine, I have the following under Hardware:
net0 - virtio=XX:XX:XX:XX:31:ED,bridge=vmbr0,firewall=0
net1 - virtio=XX:XX:XX:XX:D8:67,bridge=vmbr1,firewall=0
net2 - virtio=XX:XX:XX:XX:22:84,bridge=vmbr2,firewall=0
I want to configure VLANs since I’m essentially re-designing the home network.
I have configured OPNSense with the following VLAN interfaces:
vtnet1_vlan10 [Management] with parent vtnet1 (XX:XX:XX:XX:d8:67) and tag 10.
vtnet1_vlan20 [Services] with parent vtnet1 (XX:XX:XX:XX:d8:67) and tag 20.
vtnet1_vlan30 [LAN] with parent vtnet1 (XX:XX:XX:XX:d8:67) and tag 30.
vtnet1_vlan40 [IoT] with parent vtnet1 (XX:XX:XX:XX:d8:67) and tag 40.
Then under Opnsense GUI under Interfaces: Assignments I have:
IoT (opt4) with network port vtnet1_vlan40
LAN (opt3) with network port vtnet1_vlan30
MANAGEMENT_PORT with network port vtnet0
Management (opt1) with network port vtnet1_vlan10
Services (opt2) with network port vtnet1_vlan20
WAN (wan) with network port vtnet2
This is where the problem starts.
Within the Switch (Zyxel GS1200) GUI I have configured as follows:
IP Address: 10.10.10.10
Gateway: 10.10.10.1 (Management VLAN interface)
Subnet: 255.255.255.0
Management VLAN: 10
LAGG (using MAC SA & DA): Port 3 and Port 4
I have also set the following VLANs:
VLAN 1 (default switch): Untagged Port 1, Untagged Port 2
VLAN 10: Tagged Port 3/4 (LAGG), Untagged Port 5 (for testing)
VLAN 20: Tagged Port 3/4 (LAGG)
VLAN 30: Tagged Port 3/4 (LAGG)
VLAN 40: Tagged Port 3/4 (LAGG)
If I connect the LAGG ports on the switch to the LAGG ports on the server, the switch doesn’t seem to be accessible.
If I create a Ubuntu virtual machine on Proxmox and assign the vmbr0 adaptor and set a VLAN tag of 10, 20, 30, etc I can confirm it seems to work as intended. However, I remain unable to access the switch.
If I connect my computer directly to the switch (on a port with a PVID of 10) and manually specific an IP address, I can connect to the switch.
If I manually create a static ARP entry for the switch MAC address, it shows as “connected” on the DHCP leases with a static IP but this is not accessible.
Any suggestions? 