Hello. I am an OPNsense beginner.
I installed OPNsense instance to the laptop (one physical port) and added NAT forwarding for a port. It works if I try to reach a destination from my local network. Bur when I try to reach the destination from an external network I get a timeout error.
I also tried to add allow firewall rule for the destination subnet. It didn't help. And I also tried to launch a TCP dump from an external client. I send requests but I don't get replies. In the firewall log, no errors are shown.
(https://i.ibb.co/j5P7WKt/image.png)
Out of interest, why would you run something like OPNsense on a laptop?
I broke the display from the laptop and bought a new one. But this one - i7, 16 GB RAM, SSD looks like a good hardware for a firewall.
I fixed it by adding a LAN interface to the Captive Portal. I think it is because I don't have a WAN port (only LAN). Am I right?
UPD: No. I tried to use the HTTP port. When I changed the port it doesn't work again
UPD: Removed all rules and recreated these again. Works!
Removed masquerade from the router and it doesn't work again.
Requested packet forwards from router to OPNsense. OPN forward packet to need port to destination. Destination host returns packet (out packet) to OPNsense. OPNsense does nothing. I don't understand why.
From the OPNsense ssh session, I also get a timeout error.
Router (Mikrotik) tcp dump:
https://drive.google.com/file/d/1_Z0rAlLSwVEEg1YFQbfIgOCqtRNdUJwy
OPNsense tcpdump:
https://drive.google.com/file/d/1aBRO_Vch8Ryx_BmdIlO1ZY8NMh5aWd2M/view?usp=sharing
UPD: Found a solution. I added a rule to out NAT (don't know the exact name 'cos I use non-English language in OPNsense web. I mean reverse NAT)