OPNsense Forum

Archive => 15.7 Legacy Series => Topic started by: Hektor on January 25, 2016, 03:34:52 pm

Title: NAT from LAN to WAN not working -> what am I missing?
Post by: Hektor on January 25, 2016, 03:34:52 pm
Hello,

I tried to set up OPNsense to do NAT for the LAN to WAN, so nothing fancy. But I have failed so far.

I have the following set up:
- SDSL line with a static IP address
- OPNsense running on Hyper-V Server 2012 R2
- System -> Gateways -> All -> WANGW which points to the router of the SDSL line and is the "Default Gateway"
- The "Default allow LAN to any rule" exists, too
- OPNsense is up2date and was restarted - but it never worked so far

Reaching the internet from the OPNsense box is working. Clients from the LAN cannot reach the internet though.

To my understanding the Firewall -> NAT -> Outbound -> Mode set to "Hybrid Outbound NAT rule generation" should generate some automatic rules for the Outbound NAT.

I compared to my pfSense set up which was working but I cannot find any differences.

Looking at pfctl -sr doesn't show any nat-to rules ... at least I didn't see them? And AFAIK the firewall and pf configuration is not done via a pf.conf file but with /conf/config.xml, isn't it?

I've also found the pfInfo, pfTop and pfTables Diagnostics menus but I cannot see any nat or nat-to rules there, either.

Any ideas or hints on how I can find the error? Which logs or tools like pfctl (-s), tcpdump etc. can help?

Regards

Title: Re: NAT from LAN to WAN not working -> what am I missing?
Post by: 2rjlknfws12 on February 02, 2016, 10:52:12 pm
Hello,
I am not sure if I can follow the setup.
On "Firewall" NAT there are some settings.
There is an outgoing NAT and there are four points that can be set.
"Automatic outgoing NAT rule generation" should be set.
You can also sniff between the external IF of the FW and the router.
Check if the IP on the packets is changed.

Regards,
Bernhard
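
The check suggested in the post above (capture on the WAN side and see whether source addresses were rewritten), as an added example that is not part of the original thread: it reads `tcpdump -n` text and lists private (RFC 1918) source addresses, which should not appear on the WAN side when outbound NAT is working. The function names, the `<wan_if>` placeholder and every address in the sample capture are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Feed it text captured on the WAN side:
#   tcpdump -n -i <wan_if> ip | unnatted_sources
# <wan_if> is a placeholder for the WAN interface name.

# Print "<private source IP> <packet count>" for every RFC 1918 source seen.
unnatted_sources() {
    awk '
    # tcpdump -n IPv4 line: <time> IP <src>[.<port>] > <dst>[.<port>]: ...
    $2 == "IP" && $4 == ">" {
        n = split($3, o, ".")          # 4 parts = bare IP, 5 = IP.port
        if (n < 4) next
        src = o[1] "." o[2] "." o[3] "." o[4]
        priv = (o[1] == 10) ||
               (o[1] == 172 && o[2] >= 16 && o[2] <= 31) ||
               (o[1] == 192 && o[2] == 168)
        if (priv) count[src]++
    }
    END { for (s in count) print s, count[s] }
    ' | sort
}

# Constructed sample capture: 203.0.113.5 stands in for the static WAN
# address, 192.168.1.0/24 for the LAN, 198.51.100.0/24 for internet hosts.
sample_capture() {
    cat <<'EOF'
10:52:12.100001 IP 203.0.113.5.40112 > 198.51.100.7.443: Flags [S], seq 1, win 65535, length 0
10:52:12.200002 IP 192.168.1.20.51514 > 198.51.100.53.53: 4242+ A? example.org. (29)
10:52:12.300003 IP 192.168.1.20 > 198.51.100.7: ICMP echo request, id 1, seq 1, length 64
10:52:12.400004 IP 198.51.100.7.443 > 203.0.113.5.40112: Flags [S.], seq 2, ack 2, win 65535, length 0
10:52:12.500005 IP 192.168.1.31.60000 > 198.51.100.7.80: Flags [S], seq 3, win 65535, length 0
EOF
}

# Any line printed here is a LAN address that left the firewall untranslated.
sample_capture | unnatted_sources
```

Empty output on a real WAN-side capture means every outgoing packet already carries a public source address; LAN addresses in the output mean the NAT rule is not being applied to that traffic.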

Title: Re: NAT from LAN to WAN not working -> what am I missing?
Post by: franco on February 03, 2016, 09:41:33 am
We are looking at a Hyper-V specific problem, it seems. Have been discussing with Hektor on IRC for a few days. :)