OPNsense Forum

English Forums => Virtual private networks => Topic started by: llek on June 14, 2024, 05:58:53 PM

Title: WireGuard - Port forwarding to VPN wireguard host.
Post by: llek on June 14, 2024, 05:58:53 PM
Hello, I've just come to OPNsense from pfSense. Everything went smoothly apart from this.
Now I had this set up on pfSense for about 2 years now, so I know that the port forwarding to the WireGuard client on the server is set up correctly.

I've managed to set up the "Host -> OPNsense -> Wireguard server -> Internet" configuration just fine; however, I am struggling to set up "Internet -> Wireguard server -> OPNsense -> Host", basically said port forwarding to the VPN interface.

I am attaching my current port forward config (HTTPS). If I need to attach anything else, please let me know!

The port is not open for some reason.

I am right now stuck and I really don't know what to do next. Any help is appreciated.
Thank you!
Title: Re: WireGuard - Port forwarding to VPN wireguard host.
Post by: Patrick M. Hausen on June 14, 2024, 05:59:52 PM
Change Filter rule association to "Pass".
Title: Re: WireGuard - Port forwarding to VPN wireguard host.
Post by: llek on June 14, 2024, 06:08:06 PM
Thank you for the very quick response!

I changed the "Filter rule association" to "Pass"; however, the port is still unreachable.

Title: Re: WireGuard - Port forwarding to VPN wireguard host.
Post by: llek on June 14, 2024, 07:01:06 PM
So an update, it seems that the firewall does let it through as seen in the attached screenshot. However I do not get anything either when I scan the port, or when I try to load the website on that web server.
Title: Re: WireGuard - Port forwarding to VPN wireguard host.
Post by: llek on June 14, 2024, 07:42:26 PM
Please ignore the previous post, these are the real logs, however, on port 80 - but it's set up exactly like port 443.

Maybe there is a problem with the reply from the webserver?
Title: Re: WireGuard - Port forwarding to VPN wireguard host.
Post by: Patrick M. Hausen on June 14, 2024, 09:12:03 PM
Did you move your UI to a different port than 443 and also disable HTTP --> HTTPS redirect for the UI?
Title: Re: WireGuard - Port forwarding to VPN wireguard host.
Post by: llek on June 14, 2024, 09:29:14 PM
Yes, I have it on 8443. I did not have the redirects disabled, but I tried to disable them just now and still nothing.

It's also good to mention that this webserver is already forwarded to my native WAN - this IP is for services that can be proxied via Cloudflare, and the direct connection was to handle websites that cannot be proxied by Cloudflare and also some non-website services.
Title: Re: WireGuard - Port forwarding to VPN wireguard host.
Post by: cookiemonster on June 14, 2024, 11:33:23 PM
Can you see the associated (manually or automatic) rule on the interface?
Title: Re: WireGuard - Port forwarding to VPN wireguard host.
Post by: llek on June 15, 2024, 12:53:33 PM
Sorry for the late answer, yes, the rule gets created (when choosing "Add associated filter rule") under the ATVIE2 interface and I can see it.
Title: Re: WireGuard - Port forwarding to VPN wireguard host.
Post by: llek on June 15, 2024, 10:20:58 PM
So an update, this has to do with asymmetric routing. Basically, I have two gateways, the WAN and the VPN. I want all of my traffic to be routed out the regular WAN gateway and I want the requests that come in through the VPN gateway to go out the VPN gateway. I could apparently do this on pfSense just fine, but I cannot get it to work here.

Any help with this is really appreciated. Thanks!