Hi,
I just bought an OPNsense DEC740 and upgraded to the latest firmware, 23.1.1. I have set it up as a simple router with a single NATed subnet (129.168.214.0/24) with the following forwarded ports: 80, 443.
What used to work with my old router was to reach a web server running on the private network from another computer on the same subnet via the public IP/FQDN (www.8ccr.com), but I have not been able to get that to work. It only works from an external device coming in, so I know port forwarding is working.
This works:
External IP:80 -> www.8ccr.com:80 (71.183.45.64:80) --> WAN Interface:80 > NATed to private IP:80 (192.168.214.10/24)
user@external:~$ nc -vz www.8ccr.com 80
Connection to www.8ccr.com 80 port [tcp/http] succeeded!
This does NOT work:
192.168.214.7 -> www.8ccr.com:80 (71.183.45.64:80) -> WAN interface:80 -> NATed back to private IP:80 (192.168.214.10/24)
user@internal:~$ nc -vz www.8ccr.com 80
nc: connect to www.8ccr.com (71.183.45.64) port 80 (tcp) failed: Connection timed out
I performed two Packet Captures on the WAN interface; one for the external IP and one for the internal (during the tests above). I can see the traffic from the external but not from the internal so it looks like the internal request is not even reaching the WAN interface.
I am sure I am missing a setting somewhere since this was all working with my old router, I just haven't been able to find it for loopback kind of traffic in OPNsense.
Thanks in advance for any pointers.
Have a look at "nat reflection for portforward"
and "Automatic outbound NAT for Reflection"
https://docs.opnsense.org/manual/firewall_settings.html#network-address-translation
Quote from: stefanpf on February 17, 2023, 09:45:05 PM
Have a look at "nat reflection for portforward"
and "Automatic outbound NAT for Reflection"
https://docs.opnsense.org/manual/firewall_settings.html#network-address-translation
This exactly! Works like a charm, been using it for years.
You guys rock! Worked like a charm - thanks a lot!
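Added example, not part of any post in this thread and not OPNsense code: a small Python model of why the two settings named above work together, using the addresses from the question. The firewall LAN address 192.168.214.1 and all function and variable names are assumptions made for the illustration.

```python
# Added illustration: a constructed model of NAT reflection, not OPNsense code.
from dataclasses import dataclass, replace

PUBLIC_IP = "71.183.45.64"   # WAN address from the thread
SERVER = "192.168.214.10"    # web server behind the port forward
CLIENT = "192.168.214.7"     # internal client from the thread
FW_LAN = "192.168.214.1"     # assumption: firewall's LAN address
FORWARDED = {80, 443}        # ports forwarded in the thread


@dataclass(frozen=True)
class Syn:
    src: str
    dst: str
    dport: int


def connect(dst, dport, reflection, outbound_nat):
    """Model a TCP connect from CLIENT; return (succeeded, explanation)."""
    syn = Syn(CLIENT, dst, dport)  # arrives on the LAN interface, never on WAN
    if syn.dst == PUBLIC_IP:
        if syn.dport not in FORWARDED:
            return False, "no port forward for this port"
        if not reflection:
            return False, "forward is bound to WAN; LAN traffic is not redirected"
        syn = replace(syn, dst=SERVER)      # reflection rewrites the destination
        if outbound_nat:
            syn = replace(syn, src=FW_LAN)  # source NAT pulls replies back through the firewall
    if syn.dst != SERVER:
        return False, "destination not modelled"
    if syn.src == FW_LAN:
        reply_src = PUBLIC_IP  # firewall state reverses both translations
    else:
        reply_src = SERVER     # same subnet: server answers the client directly
    if reply_src != dst:
        return False, f"client dialed {dst} but the reply came from {reply_src}"
    return True, f"reply from {reply_src} matches the dialed address"


if __name__ == "__main__":
    for refl, onat in [(False, False), (True, False), (True, True)]:
        ok, why = connect(PUBLIC_IP, 80, refl, onat)
        print(f"reflection={refl!s:5} outbound_nat={onat!s:5} -> {ok}: {why}")
```

In this model only the combination of reflection and outbound NAT for reflection lets a same-subnet client reach the server through the public address, which also matches the capture in the question: the internal request never appears on the WAN interface.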