Hi there,
I'm trying to set up WireGuard on OPNsense, which is behind a router acting as gateway.
The WAN interface has an IP: 100.127.0.10/30 and GW: 100.127.0.9
Public IP is set (as Virtual IP to the WAN interface) and is 45.2.2.2
Meaning that when I connect to public_IP:51820 to reach my WireGuard, I would normally need to create a NAT Outbound as follows:
Interface: WAN
Source Port: 51820
Translated Address: Public_IP
NAT Port: 51820
Static port: YES
However, it seems that I can't translate both the IP & the PORT, as seen in the following results:
This works:
100.127.0.10:51820 -> 1.2.3.4:51820 // Dummy IP, good port
This works:
100.127.0.10:51820 -> 45.2.2.2:1234 // Good IP, Dummy port
This does not work:
100.127.0.10:51820 -> 45.2.2.2:51820 // Good IP, Good port
So I can translate either the IP (with the good port) or the good port (with the wrong/dummy IP).
Am I missing something?
I found the solution here: https://forum.opnsense.org/index.php?topic=19327.0
I had to have ONLY a Port Forwarding rule, as follows:
Interface: WAN
Protocol: UDP
Destination: 45.2.2.2 (public ip)
Destination port: 51820
Redirect target IP: 100.127.0.10 (WAN IP)
Redirect target port: 51820