Print Page - DNAT auto firewall [Register Rule/Pass] fails in multi-gw setups + how to fix it

Title: DNAT auto firewall [Register Rule/Pass] fails in multi-gw setups + how to fix it
Post by: superpower on January 29, 2026, 05:41:34 PM

On deployments with multiple gateways, opting for automatic firewall rule creation via "Register rule" or "Pass" creates rules that do not include the advanced mode "Reply-to:" configured, so if a query comes via GW1 it will probably return via GW0 and be dropped.
Solution is to set to manual and enter your desired reply-to gateway in the dropdown.
Hope this helps

Title: Re: DNAT auto firewall [Register Rule/Pass] fails in multi-gw setups + how to fix it
Post by: franco on January 29, 2026, 07:16:56 PM

Can you raise a ticket on GitHub about this? This may require a bit of discussion.

Thanks,
Franco

OPNsense Forum

English Forums => 26.1 Series => Topic started by: superpower on January 29, 2026, 05:41:34 PM