Hey everyone,
i'm having issues in understanding of Outbound NAT rule creation over Source NAT.
actually using:
OPNsense 24.1.9_4-amd64
FreeBSD 13.2-RELEASE-p11
OpenSSL 3.0.14
In the past i created my Outbound NAT rules in Firewall -> NAT -> Outbound. Actually we are on the way to automate things and further the rule creation after server creation. From the OPNsense API, as I see it so far, I have no possibility to create rules in FW -> NAT -> Outbound, but only in FW -> Automation -> Source NAT.
I've created a Source NAT Rule on WAN interface for translating the source (private ip) to the target (public ip). But it seems, that this rule isnt above the rules in the FW -> NAT -> Outbound, cause the general Outbound Rule in FW -> NAT -> Outbound matches.
I'm a bit scared of moving the general Outbound Rule to Source NAT, which translates everything from LAN net to FW public IP which wasnt already translated so the internal systems without a own NAT to Public IP have access to the www, cause i would lost access to the site if it does not work and would need to drive to it (Site is still in work and not connected actually via Site-to-Site to our main site).
Maybe someone can give me hint?
Best regards
solved - Virtual IP was added, but not applied.