OPNsense Forum

Archive => 17.1 Legacy Series => Topic started by: darkbot956 on April 18, 2017, 07:11:04 pm

Title: OPNsense and nat
Post by: darkbot956 on April 18, 2017, 07:11:04 pm

Seems theirs piles of diffent flavors of NAT out thier, what kind douse OPNsense use and is it possable to change types as needed to other types in the settings ?

Title: Re: OPNsense and nat
Post by: weust on April 19, 2017, 07:25:24 am

What do you mean with different NAT types?

Title: Re: OPNsense and nat
Post by: bartjsmit on April 19, 2017, 11:27:46 am

Yes; SNAT is done outbound, DNAT for published hosts and D/SNAT for 1:1 requirements. Also NPT for IPv6 but that's an edge case.

Bart...

Title: Re: OPNsense and nat
Post by: darkbot956 on April 19, 2017, 10:12:12 pm

Anyway to change what kind it uses as need in the settings someware ?

Exaple: if your trying to game and its Symmetric NAT your not gaming anymore cus nothing works.

Title: Re: OPNsense and nat
Post by: opnfwb on April 22, 2017, 11:20:48 pm

You can get around Symmetric NAT by configuring static ports on the outbound NAT rule. You'll need to first switch to manual outbound NAT rule generation, then edit the rule for your LAN subnet and enable static ports. This will fix most of your gaming issues and in most cases will get you a "moderate" NAT without any port forwarding required.

If you want "open" NAT you'll have to combine the changes above with some manual port forwarding to your gaming clients.

I've attached a screenshot showing how to set static ports on outbound NAT in OPNsense. Hope this helps.