Hey there,
I have the following setup:
[public IP - Router from ISP - 192.168.1.1] --- 192.168.1.0/24 --- [192.168.1.2 - OPNsense - 192.168.2.1] --- 192.168.2.0/24 internal LAN
So the interface WAN in my OPNsense has the IP 192.168.1.2 and the interface LAN has the IP 192.168.2.1.
I activated NetFlow listening on both interfaces. As WAN-Interface it set my WAN-Interface (and I also tried setting both there).
But when I see the detailed log of Insight and filter for the Interface LAN I can see connections with source-IP 192.168.1.2 (the IP-adress of my WAN-Interface) and destination-adresses in the internet. This are connections that are present from devices from my local LAN (192.168.2.0/24) into the internet, so this traffic looks ok to me. But why do I see traffic filtered to the LAN-Interface with source-IP of the WAN-side connecting to the internet?!
Can you give me a hint?!
Thanks a lot
Don't have the answer either but... I have the exact same issue and the Internet took me here. I suspect I've misconfigured something horribly but I'm not sure what.