We have a test network consisting of multiple private IP addresses connected by a router. e.g. 192.168.0.0/24, 192.168.1.0/24, 192.168.255.0/24, 172.16.0.0/16, etc...
We are using OPNSense to connect to a public IP subnet.
The OPNSense server LAN IP address is 192.168.255.25 with a default gateway set at 192.168.255.1.
There are other systems on the 192.168.255.0/24 subnet and they are able to be pinged from other subnets that we use so we know that our routing works.
As an example, a system at 192.168.100.14/24 gateway 192.168.100.1 can ping 192.168.255.22 gateway 192.168.255.1
Systems that are on the 192.168.255.0/24 subnet can ping and access the OPNSense server fine but none of the others can.
How can I configure OPNSense to understand that 10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16 are part of the LAN interface scope?
Many thanks for pointing me in the right direction.
You could set Virtual IPs (IP Alias) onto the LAN interface.
https://docs.opnsense.org/manual/firewall_vip.html#ip-alias
I don't get it.
What I assume you try to achive:
You want to route all internal traffic to the outside world via OPNsense?
Then you'd have to define routes on your gateway(s) to the OPNsense box and vice versa. And NAT should be in place. Given the other question you asked about NAT, you're about to achive that?
I might not have described our scenario well enough.
We have an isolated routed test network of various private IP subnet ranges. (10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16)
Devices on these private subnets need to be able to connect to a single production subnet using a NAT connection.
Yes, I got this.
What I did not get: You mention gateways for all networks (with IP .1 for every subnet). They are supposed to route/NAT packets. How does OPNsense come into play?
So at least:
* A route from .1 to OPNsense (which may cause triangular routing which is ... not what I would be looking for)
* Set .1 as virtual IP on all affected networks to OPNsense.