Hello all,
I have somewhat the same issue as this person: https://forum.opnsense.org/index.php?topic=14355.msg66216#msg66216
But in my case, I have already enabled all these advanced settings:
Reflection for port forwards
Reflection for 1:1
Automatic outbound NAT for Reflection
Here is a description of my network:
WAN 2 Public IPs
|
OPN (IP: 10.50.0.2)
|
VM1 => Local IP:
- 10.50.0.3/32
- 10.50.0.4/32
In OPNsense I have these port forwarding rules:
- 80 and 443 => 10.50.0.3
- 587 (and other) => 10.50.0.4
And I also have these outbound rules:
- 10.50.0.3/32 => Public IP1
- 10.50.0.4/32 => Public IP2
From VM1 (where both private IPs are attached), I can ping all public and private IPs, no problem here. But if I curl or nc any port of the respective public IPs, I get no answer. If I do the same with the private IP, it works.
And I create this kind of rule to forward traffic through each specific private IP address:
iptables -t nat -I POSTROUTING -p all -s 172.23.0.2 ! -d 172.23.0.2 -j SNAT --to-source 10.50.0.4
I must add that this network is hosted at a German public cloud provider. Not sure whether this has an impact.
Based on other threads, there was a bug related to this in v17 or 18, but I am currently using this version:
OPNsense 23.1.9-amd64
Can someone help me troubleshoot this? To be honest, I don't have that much networking knowledge, so the answer is probably simple, but I don't know where to start or how to troubleshoot this. I have already looked at multiple articles in this forum and on other websites, but I am still stuck.
Thanks a lot for your help!
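For readers following this thread, here is an added model (not code from the post or from OPNsense) of what the three reflection settings do on the wire. It traces a pf-style hairpin: the port forward (rdr) is applied to traffic arriving on the LAN side for a public IP, and "Automatic outbound NAT for Reflection" rewrites the source of that reflected connection to the firewall's LAN address so the server's reply comes back through the firewall instead of being delivered directly. The internal addresses follow the post (firewall LAN 10.50.0.2, servers 10.50.0.3 and 10.50.0.4); the public IPs are placeholder values, and the pf behaviour is simplified to the two rules that matter here.

```python
"""Constructed model of pf-style NAT reflection (hairpin NAT).

Traces one connection from a LAN host to a forwarded public port with
and without the outbound NAT rule for reflected traffic. Public IPs are
placeholders (assumed values, not the poster's real addresses).
"""

from dataclasses import dataclass, replace

FW_LAN = "10.50.0.2"
PUBLIC_IP1 = "203.0.113.10"   # placeholder for "Public IP1"
PUBLIC_IP2 = "203.0.113.11"   # placeholder for "Public IP2"

# Port forwards as described in the post: (public ip, port) -> (internal ip, port)
RDR = {
    (PUBLIC_IP1, 80): ("10.50.0.3", 80),
    (PUBLIC_IP1, 443): ("10.50.0.3", 443),
    (PUBLIC_IP2, 587): ("10.50.0.4", 587),
}


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

    def tuple(self):
        return (self.src, self.sport, self.dst, self.dport)


class Firewall:
    """Stateful NAT box; only the LAN-side reflection path is modelled."""

    def __init__(self, reflection_outbound_nat):
        self.reflection_outbound_nat = reflection_outbound_nat
        self.states = {}   # 4-tuple as it appears in the server's reply -> original request

    def from_lan(self, pkt):
        """A LAN host sends to a public IP: apply the reflected rdr rule."""
        target = RDR.get((pkt.dst, pkt.dport))
        if target is None:
            return None                      # not a forwarded port: plain routing
        fwd = replace(pkt, dst=target[0], dport=target[1])
        if self.reflection_outbound_nat:
            # "Automatic outbound NAT for Reflection": the source becomes the
            # firewall's LAN address, so the server will answer the firewall
            fwd = replace(fwd, src=FW_LAN, sport=50000 + len(self.states))
        self.states[(fwd.dst, fwd.dport, fwd.src, fwd.sport)] = pkt
        return fwd

    def from_server(self, reply):
        """Reply addressed to the firewall: undo both translations."""
        orig = self.states.get(reply.tuple())
        if orig is None:
            return None                      # no matching state: pf drops it
        return Packet(orig.dst, orig.dport, orig.src, orig.sport)


def connect(fw, client_ip, dst_ip=PUBLIC_IP1, dport=80, sport=40000):
    """Return what the client sees for one hairpin connection attempt."""
    req = Packet(client_ip, sport, dst_ip, dport)
    fwd = fw.from_lan(req)
    if fwd is None:
        return "not reflected"
    # The server answers whatever source address the forwarded packet carried.
    reply = Packet(fwd.dst, fwd.dport, fwd.src, fwd.sport)
    if reply.dst == FW_LAN:
        delivered = fw.from_server(reply)    # back through the firewall
    else:
        delivered = reply                    # same subnet or same host: delivered directly
    if delivered is None:
        return "dropped"
    expected = (req.dst, req.dport, req.src, req.sport)
    # A reply from a different 4-tuple is not the connection the client opened:
    # the client's TCP stack resets it and curl/nc simply time out.
    return "ok" if delivered.tuple() == expected else "mismatch"


if __name__ == "__main__":
    for nat in (False, True):
        fw = Firewall(reflection_outbound_nat=nat)
        print(f"outbound NAT for reflection={nat}: "
              f"10.50.0.3->{PUBLIC_IP1}:80 => {connect(fw, '10.50.0.3')}, "
              f"10.50.0.4->{PUBLIC_IP2}:587 => {connect(fw, '10.50.0.4', PUBLIC_IP2, 587)}")
```

The "mismatch" case is exactly the symptom of traffic going out but never coming back: the server's SYN-ACK is delivered directly (here even to the same host), not from the public IP the client connected to. The model also shows what to look for when all three settings are already enabled, as in this thread: on the OPNsense LAN interface, a packet capture should show the reflected SYN leaving with source 10.50.0.2 and the SYN-ACK returning to 10.50.0.2. If neither appears, the connection is not hitting the reflection rules at all, and the question becomes where the packet to the public IP is actually being routed.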
Hello, I changed my title; maybe it's more "attractive".
Maybe someone can give me a hint about where to look and how to troubleshoot my issue? I assume it's NAT reflection, because I can see the traffic going out but never coming back in :-\
Thanks a lot!