I need to be sure my WAN interface is performing NAT correctly. I have not found a way to do this. I am using the default setup (only automatic rules to NAT). My WAN is connect to an ISP. I don't have a true hub to use WireShark or similar to capture packets on my out bound interface. Is there a way my Protectli Vault running opnsense 22.7.2 to accomplish this? Is there log file (I couldn't find it) that will show the NAT occurring?
Check the local IP address of your PC - that should result in 192.168.1.x for some value of x.
Open up a web browser and enter e.g.
https://test-ipv6.com
into the address bar. If the IP address shown is different from that of your PC and if the display of your ISP is correct, your OPNsense is performing NAT.
I don't have internet connection. That is why I want to check NAT at the interface. Thank you for the reply
You wrote your WAN was connected to an ISP ;)
Well, you can login to your OPNsense via SSH and view all active NAT rules with:
pfctl -s nat
I see the 10.10.0.0 to any port. I have a 192.168.x.x. How do I nat that subnet to the ip of the wan ip?
Or should the rule
Nat on igb0 inet from (igb1:network) to any -> (igb0:0) port 1024:65535
Work if my igb1 is the 192.168.x.x the subnet I need to be NAT to Wan which is igb0?