I'm facing a strange issue with a new install of OPNsense on ESXi 6.7 that I hope someone can help me figure out. I'm thinking the problem is on ESXi not OPNsense, since I had a working setup using pfSense on ESXi 6.0 prior to upgrading to ESXi 6.7.
- I have a single VMware ESXi 6.7 host server (Dell T630) with two VMs, one running OPNsense and one running Windows 10.
- There are two port groups (WAN and LAN), one vSwitch, and one VLAN on ESXi, and one physical NIC on the host.
- The OPNsense VM has two network adapters, one WAN and one LAN, and both have IP addresses (LAN is 192.168.1.1) and my Win10 VM (IP 192.168.1.51) has one network adapter on the LAN port group and is set to use 192.168.1.1 as the default gateway.
- I can access the internet from the Win10 machine and I can ping 192.168.1.1.
- I can ping the Win10 machine and google.com from OPNsense.
- I cannot load the OPNsense web console from the Win10 machine or telnet to OPNsense on port 80 or 443.
- I've never been able to access the web console so OPNsense is using the default configuration.
- I can telnet to 192.168.1.1 on ports 80 and 443 locally from OPNsense, so I know the web server is running.
- When I run tracert from the Win10 machine to google.com it is successful, and I can see it is using IPv4 and going through 192.168.1.1 as the first hop
- When I run tcpdump on OPNsense with a filter for 192.168.1.51, I do not see any TCP or UDP traffic destined for 192.168.1.1, but I do see UDP traffic for ssdp and netbios going to other IP addresses.
- When I run wireshark from the Win10 machine I see the initial SYN packet from 192.168.1.51, immediately followed by RST, ACK from 192.168.1.1.
- I ran this command: "grep 192.168.1.51 /var/log/filter/latest.log | grep 192.168.1.1" and there is just one result showing icmp traffic from my successful ping test.
I'm really at a loss here. I'm confused by the fact that I have internet access from the Win10 VM which goes through OPNsense but I still cannot access the web console or telnet to it on ports 80 or 443.
Like I mentioned I had a successful setup working previously on ESXi 6.0 with pfSense, then after upgrading ESXi to 6.7 I had all kinds of networking issues with my VMs where network adapters would not show up in the VM and in the ESXi settings the VM network adapter dropdown to choose the port group would be blank. I ended up reinstalling ESXi 6.7 as a fresh install and created new VMs, and since then I've tested using both pfSense and OPNsense with similar results.
I'm open to any ideas on how to troubleshoot this further. At this point I'm considering wiping my host and installing Proxmox instead.
Thanks in advance,
Joel
