OPNsense Forum

Archive => 18.1 Legacy Series => Topic started by: MasterXBKC on March 20, 2018, 12:48:38 am

Title: Strange issue with NAT Rule Cloning
Post by: MasterXBKC on March 20, 2018, 12:48:38 am
So here is a bizarre one I have just discovered.

I have an OPNsense VM on VMware ESXi, with a number of virtual machines behind it; it holds 2 WAN IPs.

I had a bunch of rules going to VM-A at 10.0.0.2, for ssh, http, https, etc.

So I needed the same rules for the new VM, which is VM-B, so I added the second IP as a virtual IP, and then cloned each of the NAT rules and on each new copy swapped the WAN address for the new virtual IP, and changed the redirect IP to 10.0.0.3. Saved, and applied.

None of the NAT rules worked; the VM was completely inaccessible from the WAN side. I re-verified all the settings several times, but all attempts to reach VM-B via the new virtual IP were refused.

So I deleted the rules and created them again the same way, and ended up in the same situation.

As a last-ditch effort, I deleted all the rules for VM-B again, and instead of using the clone button, I created them all manually for VM-B, and now they all work the first time.

Something in the cloning of a NAT rule is not working properly... But everything looks proper in the GUI.
Title: Re: Strange issue with NAT Rule Cloning
Post by: dcol on March 20, 2018, 10:24:46 pm
One issue I ran into was that cloning a NAT PF rule would not create an associated firewall rule.
Title: Re: Strange issue with NAT Rule Cloning
Post by: MasterXBKC on March 28, 2018, 12:45:18 am
Any news?
Title: Re: Strange issue with NAT Rule Cloning
Post by: marjohn56 on March 28, 2018, 09:39:16 am
Has a bug report (Issue) been raised on GitHub?
Title: Re: Strange issue with NAT Rule Cloning
Post by: marjohn56 on March 28, 2018, 06:56:55 pm
Out of interest, did you have a look at the rules.debug to see what was showing there?
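
The check the last replies point towards (a port forward with no associated firewall rule, visible in rules.debug), as an added example that is not part of any post in this thread: it lists `rdr` rules that have no matching inbound `pass` rule for the redirect target. The sample lines are constructed and simplified pf syntax, and the interface name `em0` and the addresses are assumptions.

```python
import re

# Constructed, simplified pf lines in the style of a rules.debug dump
# (not taken from the thread; em0 and all addresses are assumptions).
SAMPLE = """\
rdr on em0 inet proto tcp from any to 203.0.113.10 port 22 -> 10.0.0.2 port 22
rdr on em0 inet proto tcp from any to 203.0.113.11 port 22 -> 10.0.0.3 port 22
rdr pass on em0 inet proto tcp from any to 203.0.113.11 port 443 -> 10.0.0.3 port 443
pass in quick on em0 inet proto tcp from any to 10.0.0.2 port 22 keep state
block in log on em0 inet from any to any
"""

RDR = re.compile(
    r"^rdr\s+(?P<pass>pass\s+)?(?:log\s+)?on\s+(?P<ifc>\S+)\s.*?proto\s+(?P<proto>\S+)\s"
    r".*?->\s*(?P<host>\S+)(?:\s+port\s+(?P<port>\S+))?")
PASS = re.compile(
    r"^pass\s+in\s.*?on\s+(?P<ifc>\S+)\s.*?proto\s+(?P<proto>\S+)\s"
    r".*?\sto\s+(?P<host>\S+)(?:\s+port\s+(?P<port>\S+))?")


def unmatched_forwards(text):
    """Return (interface, proto, target, port) for each rdr lacking a pass rule.

    pf translates the destination before filtering, so the pass rule has to
    match the internal redirect target, not the WAN or virtual IP.
    Simplification: single hosts and ports only, no aliases, tables or lists.
    """
    forwards, allowed = [], set()
    for raw in text.splitlines():
        line = raw.replace("{", "").replace("}", "").strip()
        m = RDR.match(line)
        if m:
            if not m["pass"]:  # "rdr pass" skips the filter rules entirely
                forwards.append((m["ifc"], m["proto"], m["host"], m["port"]))
            continue
        m = PASS.match(line)
        if m:
            allowed.add((m["ifc"], m["proto"], m["host"], m["port"]))
    return [f for f in forwards if f not in allowed]


if __name__ == "__main__":
    for ifc, proto, host, port in unmatched_forwards(SAMPLE):
        print(f"no pass rule for {proto} {host}:{port} on {ifc}")
```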