OPNsense Forum

English Forums => General Discussion => Topic started by: wget on October 06, 2020, 08:28:58 pm

Title: Redirecting SSH traffic to alternative WAN in a multi-wan configuration
Post by: wget on October 06, 2020, 08:28:58 pm
Hi there,

I have two WANs. My main connection (WAN1) uses a DOCSIS cable modem which is running into issues with some SSH connections. Because of that, I need to redirect the outgoing SSH traffic to WAN2.

Up to now, I have been manually specifying the IPv4 and IPv6 destination addresses in System > Routes > Configuration for each SSH service affected by the issue.

* Do we have a way to ask OPNsense to route all SSH-based outgoing traffic to WAN2 instead of WAN1?
* If this is not easily possible, do we have a way to route based on a DNS name instead of having to specify the IPv4 and IPv6 addresses manually (addresses which change over time depending on the anycast network I'm in: geolocated content delivered via a variable CDN, as with GitHub)?
Title: Re: Redirecting SSH traffic to alternative WAN in a multi-wan configuration
Post by: wget on February 01, 2021, 02:08:36 pm
Trying again, if someone has an idea ;)

My DOCSIS provider, VOO, is struggling to establish the TCP handshake for SSH connections attempted over IPv4 (IPv6-based connections work fine). This only happens with their latest modem (Technicolor CGA 4233). The culprit is likely a MAC Domain issue on the CMTS I'm connected to.

To avoid this, I want to reroute SSH traffic automatically. Do you know how to do that with OPNsense without having to manually specify a source or destination address (which is a cumbersome process)?
Title: Re: Redirecting SSH traffic to alternative WAN in a multi-wan configuration
Post by: errored out on February 02, 2021, 12:34:40 pm
Have you checked out Outbound NAT? Firewall: NAT: Outbound

You can control your outbound traffic by specifying the destination port. Also, for the IP addresses, you could create alias(es) containing the IP or DNS name, then add those aliases to the source/destination so you don't have to enter them manually every time.

I haven't tried your configuration, just thinking out loud.
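As an added illustration (not part of the thread, and not OPNsense's own generated ruleset), here is what the pieces discussed above look like in pf syntax once OPNsense compiles them: a Host alias becomes a pf table that is re-resolved from DNS, a firewall rule with a gateway selected becomes a `route-to` rule, and outbound NAT on the second WAN rewrites the source address. The interface names (LAN on igb0, WAN2 on igb2), the WAN2 next hop 203.0.113.1, the alias name `ssh_targets` and the hostnames in it are assumptions for the example only.

```pf
# Added example in pf.conf syntax (what OPNsense's firewall rules compile to).
# Assumed: LAN = igb0, WAN2 = igb2 with next hop 203.0.113.1 (documentation
# range), alias name ssh_targets. Not copied from a real OPNsense install.

# A Host alias with hostnames becomes a pf table; OPNsense refreshes the
# table as the names re-resolve, so shifting CDN/anycast addresses are
# picked up without editing static routes. Hostnames here are placeholders.
table <ssh_targets> persist { github.com ssh.example.org }

# Policy route: IPv4 TCP to port 22 from the LAN is pushed out WAN2.
# "route-to" is what a LAN firewall rule with Gateway = WAN2 gateway
# produces. Limited to "inet" so IPv6 SSH (which works over WAN1 per the
# thread) keeps its normal route. Drop "to <ssh_targets>" to match all SSH.
# Must sit above the default "allow LAN to any" rule, since "quick" wins.
pass in quick on igb0 route-to ( igb2 203.0.113.1 ) inet proto tcp \
    from igb0:network to <ssh_targets> port 22 flags S/SA keep state \
    label "policy-route IPv4 SSH via WAN2"

# Outbound NAT on WAN2 so the policy-routed packets leave with WAN2's
# address. Automatic outbound NAT mode generates the equivalent of this;
# in hybrid/manual mode it has to be added under Firewall: NAT: Outbound.
nat on igb2 inet proto tcp from igb0:network to any port 22 -> (igb2)
```

Two things to check after applying the equivalent in the GUI: confirm the rule is listed before the catch-all LAN rule, and verify with a connection that the state table shows the SSH session on igb2 (for example via Firewall: Diagnostics: States), since an existing state created before the rule was added will keep using WAN1 until it expires.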