Is the NIC built into the motherboard or an add on pcie card?

You could check the journal to see if the logs tell you anything.

You could try taking some packet captures from opnsense and your server while accessing your externally available web server. Reviewing the pcaps might give you some hints on how fix it based on what behaviour you see in the captures.

This is how I would do it also, assuming you aernt passing the NICs through to VMs

Once you change your DNS server in your router, make sure to renew your clients DHCP lease. It may still be using the stale DNS server. On windows verify its using the new DNS server with: ipconfig /all

A custom router + managed switch is a great way to learn. Studying the fundamentals is also good, but in my opinion it’s not as fun as setting up your own network and learning hands-on.

If you decide to go this route I highly reccomend taking regular backups of your config (and backup again before you change stuff). Part of learning involves breaking things - trust me you will break your network - and in networking that’s one of the best ways to learn. Backups will give you an easy way to restore to a known working configuration.

deleted by creator

Yes. A unifi ap connects all my wireless devices to my LAN

Yes its my main router. Everything comes into the laptop across one interface setup as a trunk that includes vlans for WAN, LAN, etc. From there proxmox has a vlan aware linux bridge setup that connects to all the VMs/containers that I run. The VM virtual interfaces get tagged with whatever network I want the host to be part of.

I have a laptop motherboard setup with proxmox running:

• plex
• radarr,sonarr,prowlarr
• opnsense
• foundry VTT
• pi-hole
• unifi controller
• qbittorrent
• kavita

This is running on an i5-1135 with 40gigs of memory. If your frugal about how you have stuff setup you can pack alot of services into old laptops.

If your VPS can connect to your home router as a client it sounds like your wireguard server on opnsense is working correctly.

Might be a problem with your phones WG config. Have you tried taking the client .conf file from your VPS and loading it onto your phone to test a working config file?

choke choke