Title: 1:1-NAT not intuitive with multi-WAN
Post by: ChrisH on September 28, 2017, 03:45:20 pm
I have an OPNsense VM with several WAN interfaces, because my provider's routing only works correctly if you also have a MAC address for every additional public IP you use.
I have created a 1:1 NAT on WAN2 to forward everything to a single internal IP. This works for connections from the internet to WAN2.
When the internal IP tries to connect to the internet, that fails. I see the packets as PASS in the firewall log, but they don't get anywhere. Traceroutes stop at the OPNsense box.

The final solution was to create a separate firewall rule telling OPNsense to use the WAN2 gateway for all packets originating from the internal IP and going to the internet.

Shouldn't that be more intuitive? I already told OPNsense I want to translate all packets from that IP on the WAN2 interface to the WAN2 address. Can't it pick the correct gateway by itself? Or is there a better way to do this?
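The behaviour described in this post follows from how pf (the packet filter OPNsense builds its rules on) separates address translation from interface selection: a 1:1 NAT becomes a `binat` entry that only rewrites packets already traversing WAN2, while the outgoing interface is chosen by the routing table unless a rule overrides it with `route-to`. The fragment below is an added example in raw pf.conf syntax showing both halves of the setup; it is not the post author's configuration nor OPNsense's generated rule set, and the interface names, addresses and gateway in it are assumptions.

```pf
# Added example, not the original poster's configuration and not what OPNsense
# generates verbatim. Assumed names: em0 = LAN, em2 = WAN2, 192.168.1.10 = the
# internal host, 203.0.113.10 = WAN2's public address, 203.0.113.1 = WAN2 gateway.
lan     = "em0"
wan2    = "em2"
lan_net = "192.168.1.0/24"
host    = "192.168.1.10"
wan2_ip = "203.0.113.10"
wan2_gw = "203.0.113.1"

# The 1:1 NAT: inbound packets to the WAN2 address are rewritten to the
# internal host, and the host's packets leaving on em2 get the WAN2 address
# as source. binat only touches packets that already traverse em2; it says
# nothing about which interface a packet should leave on.
binat on $wan2 inet from $host to any -> $wan2_ip

# Inbound side: allow the translated traffic and send replies back through
# the gateway the connection arrived on instead of the default route.
pass in quick on $wan2 reply-to ($wan2 $wan2_gw) inet proto { tcp udp } \
    from any to $host keep state

# Keep the host's traffic to the local network off the policy route...
pass in quick on $lan inet from $host to $lan_net keep state

# ...then force its internet-bound traffic onto WAN2's gateway. Without this
# rule the routing table picks the default gateway's interface, the packet
# never crosses em2, and the binat entry above never applies to it.
pass in quick on $lan route-to ($wan2 $wan2_gw) inet from $host to any keep state
```

In the OPNsense GUI the `binat` line corresponds to the entry under Firewall: NAT: One-to-One, and the last `pass` rule is a LAN rule with the Gateway field (under the rule's advanced options) set to the WAN2 gateway, which is the separate rule the post ends up creating. To check what the box is actually running, `pfctl -s nat` lists the binat entries and `pfctl -s rules` shows the filter rules with their `route-to` and `reply-to` options, so you can confirm that traffic from the host matches a rule carrying `route-to ($wan2 ...)` before it hits the default pass rule.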