Connectivity issues on 2nd network for VMs with pfSense/Proxmox

Hi guys!

So I am trying to set up a second network just for my virtual machines on my proxmox server, but for some reason I am getting very weird (in my opinion) connectivity issues.

First of all, here is my setup:

  • Physical pfSense box connected to my modem for WAN
  • LAN network on pfSense with subnet 192.168.0.0/24 for my management/main network
  • OPT1 network on pfSense with subnet 192.168.1.0/24 which should be for the VMs
  • I have Proxmox running with 2 available NICs
  • The first NIC (enp2s0f0) is connected via a Cisco SG300-28 switch to the LAN network on pfSense. Everything works as expected here
  • I want to connect the second NIC (enp2s0f1) to the OPT1 interface on pfSense
  • I have the LAN network on the default VLAN 1 on the switch
  • For the OPT1 network, I configured ports 6 & 7 on the switch to belong to another VLAN with the ID 10

Here is a screenshot of the interface settings on the switch:

[Screenshot: VLAN to port mappings]

Here are my interface settings in proxmox:
[Screenshot: Proxmox settings]

At first I thought everything was working as it should, since when I attached the new bridge to a VM and spun it up, it received an IP address via the DHCP server on OPT1. I could also ping the gateway 192.168.1.1.
Then I noticed that I do not have connectivity to anything outside of the gateway IP address on the pfSense box. I cannot ping any other IP address or connect to another hostname, be it internal or external. Everything times out.

What I tried so far with no success:

  • Set VLANs in pfSense
  • Created an allow any/any firewall rule on the OPT1 interface
  • Changed allow fw rule to block and enabled logging, no results in firewall logs
  • Set port 6 on switch connected to proxmox to ACCESS mode
  • Manually set DNS server to 192.168.1.1 on the VM
  • Double checked that DNS resolver in pfSense is active on OPT1 interface

I also configured a SPAN port on the switch to receive traffic from both ports 6 & 7 on port 24 and started capturing with Wireshark. The capture below is from when I restarted the VM. You can see when it gets its IP over DHCP, but other than that there is no connectivity. It also does not show any packets when I continuously ping the pfSense IP from the VM, even though the ping succeeds.

So to sum it up I set up another network with the exact same configuration that works, I get an IP on the VM and can ping the new gateway, but no other connectivity. I have no idea what else to do or what is causing this.

It’s my first post here on the forum and I’m still very new to homelabbing so I would really appreciate any help you guys can give me.

Welcome to the forums. I don’t have any experience with Proxmox or using pfSense in it; hope someone here can help.