OPNsense Forum

Archive => 20.1 Legacy Series => Topic started by: Amr on May 04, 2020, 09:36:44 am

Title: Double NAT issue since 2.1.3
Post by: Amr on May 04, 2020, 09:36:44 am

Hey there,
After upgrading from 2.1.2 -> 2.1.3 and till 2.1.6 I noticed that the wan Interface no longer works, digging in the firewall logs I noticed that the traffic was being blocked as it came from private networks (the firewall is behind another one), Recognizing the hassle of allowing private networks on wan and disabling the default rules and making major changes to my setup, I downgraded the machine, is there any plans to restore the previous functionality?

Title: Re: Double NAT issue since 2.1.3
Post by: russella on May 04, 2020, 02:30:33 pm

I have a multi-wan setup with both WANs behind other routers (i.e. double NAT) and my setup works flawlessly and I haven't had to resort to allowing private networks on WAN (i.e. the Block private networks option is checked for both WAN interfaces). Everything still worked when I upgraded from 20.1.2 to 20.1.3 as it has done through every upgrade from 19.7.3 right up to 20.1.5 (I haven't upgraded to 20.1.6 yet). So you might like to look to see if anything else has changed in your setup when you went from 20.1.2 to 20.1.3. Have you, for example, changed the Firewall->NAT->Outbound rule generation from Automatic?

Title: Re: Double NAT issue since 2.1.3
Post by: Amr on May 05, 2020, 09:19:23 am

Quote

Have you, for example, changed the Firewall->NAT->Outbound rule generation from Automatic?

Well I'm using Wireguard and yes I'm using Hybrid outbound NAT rule generation, I also doubted that the WG missed something up so I disabled it but forgot to remove the manual nat rule might give it a try later.

After upgrading I also got a "Unfortunately we have detected at least one programming bug" which I've already sent.