OPNsense Forum

Archive => 16.1 Legacy Series => Topic started by: dragon2611 on July 03, 2016, 06:36:48 pm

Title: NATPT
Post by: dragon2611 on July 03, 2016, 06:36:48 pm

Can someone post an example of how the NATPT is supposed to work as I seem to keep getting a Syntax error in the firewall reload log when I try to use it.

I create a ULA prefix for the lan and also tried with a Public /64 and neither worked (I was hoping to use the public /64 on the lan with no prefix translation for my primary ISP and tranlate it to a /64 from my backup ISP when failing over)

Title: Re: NATPT
Post by: franco on July 03, 2016, 08:34:19 pm

Make sure you are on the latest version (16.1.18) and try again, I vaguely remember this being fixed a bit ago.

Title: Re: NATPT
Post by: dragon2611 on July 03, 2016, 08:39:20 pm

It's not erroring but I don't think it's working either.

Anwyay I need to replace the router before I can test further because although the ISP gives a /56 their router seems to only want to hand out addresses from 1 /64

Title: Re: NATPT
Post by: franco on July 03, 2016, 08:43:29 pm

I am unsure if you now upgraded and the error was replaced by another one or you were already on the latest version. :)

Title: Re: NATPT
Post by: dragon2611 on July 03, 2016, 08:46:55 pm

I updated and there's no error but selecting that gateway doesn't appear to work.

But Given the IPv6 is working on the primary ISP and it's possible to L2TP to them in the event of an extended outage I'm not sure if I can be bothered to fix it.

Built a machine orginally to try sophos XG could only get IPv6 to work on that if I natted it (As in to a single IP, which defys the point of the large v6 address space) so decided to give opensense a shot instead.

Only thing I'm really missing at the moment is zone firewalling