OPNsense Forum

English Forums => High availability => Topic started by: skydiablo on November 21, 2023, 04:03:17 pm

Title: Issue with CARP and Source Address on WAN Interface
Post by: skydiablo on November 21, 2023, 04:03:17 pm
Hello Community,

I'm facing a problem with OPNsense configuration, and I'm hoping someone in the community can help me out.

Here's my setup:

- OPNsense with a WAN interface without a fixed IP address.
- Multiple virtual IPs from a /29 subnet are bound to the WAN interface using CARP.

The problem arises when more than one IP is bound to the WAN interface. Packets originating directly from the firewall have a "0.0.0.0" source address. Since the firewall no longer knows which IP to use for internet communication (as the default route only defines the interface), confusion arises.

I attempted to address this by creating an outbound NAT rule, specifying "any" to "!bougen" via the WAN interface. However, this rule only takes effect when "any" is selected as the source. When I set the source as "this firewall," the NATing doesn't work.

Does anyone have a solution or the correct approach to address this issue?

Thank you in advance for your assistance!

Best regards,
volker