[SOLVED] Port Forwarding/Rewriting

Started by faunsen, February 10, 2017, 11:45:13 AM

February 10, 2017, 11:45:13 AM Last Edit: March 21, 2017, 02:46:27 PM by faunsen
Hi,

is it possible to have a kind of dynamic port forwarding or port rewriting?

Clients in network A should access servers in network B which are listening on port 1 via port 2.
Accessing the servers' port 1 directly should be prohibited.

A simple port forwarding doesn't work because I need the destination IP and a list for every server would exceed the administrative effort.

Any ideas?


Thanks,
Frank

Hi,

it is possible since OPNsense Version 17.1.3. Many thanks franco!

Quote from: franco on March 16, 2017, 07:34:12 AM
o firewall: port forwarding enhancements for tag, pool options and target subnet

To create a simple port rewriting, add a Port Forward from network A to network B, Destination port range: 1, with Redirect Target IP: 0.0.0.0/0, Redirect Target Port: 2 and Pool Options: Bitmask.
To restrict it, tag it with Set local tag and use this value in a rule as Match local tag.
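
A small model of the setup described above, added here as an illustration; it is not part of the original posts and not OPNsense code. It assumes pf semantics (the bitmask pool option keeps the host bits of the original destination, and translation runs before filter rules), IPv4 only; the networks, the tag name and all function names are constructed.

```python
import ipaddress
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    dport: int
    tag: str = ""

def bitmask_target(orig_dst, pool):
    """Bitmask: network bits come from the pool, host bits from the original destination."""
    net = ipaddress.ip_network(pool)
    host_bits = int(ipaddress.ip_address(orig_dst)) & ~int(net.netmask) & 0xFFFFFFFF
    return str(ipaddress.ip_address(int(net.network_address) | host_bits))

def port_forward(pkt, net_a, net_b, match_port, pool, target_port, tag):
    """Rewrite and tag a packet that matches the forward; otherwise return it unchanged."""
    if (ipaddress.ip_address(pkt.src) in ipaddress.ip_network(net_a)
            and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(net_b)
            and pkt.dport == match_port):
        return replace(pkt, dst=bitmask_target(pkt.dst, pool),
                       dport=target_port, tag=tag)
    return pkt

def filter_pass(pkt, required_tag):
    """Pass rule with 'Match local tag'; anything untagged falls to the default deny."""
    return pkt.tag == required_tag

def handle(pkt):
    # Constructed networks: A = 10.0.1.0/24 (clients), B = 10.0.2.0/24 (servers).
    # Port values follow the reply: destination port 1, redirect target port 2.
    out = port_forward(pkt, "10.0.1.0/24", "10.0.2.0/24", 1,
                       "0.0.0.0/0", 2, "FWD_A_B")
    return out, filter_pass(out, "FWD_A_B")

if __name__ == "__main__":
    for p in (Packet("10.0.1.5", "10.0.2.20", 1), Packet("10.0.1.5", "10.0.2.20", 2)):
        print(p, "->", handle(p))
```

With a /0 pool the mask has no network bits, so every server address passes through unchanged and only the port is rewritten; the tag is what lets the filter rule tell forwarded traffic from a direct connection to the redirect target port.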