OPNsense Forum
Archive => 18.7 Legacy Series => Topic started by: pongafence on September 01, 2018, 10:20:04 am
-
Hey,
So we've implemented our new border routers, which have now been placed in front of our OPNsense firewalls now.
Anyway, the link between our border routers and firewalls are using a private IP range. Our border routers and OPNsense firewalls are peered with each other using BGP, and our OPNsense firewalls advertised /32 public IP ranges through to the border routers, which then obviously aggregate and advertise them up to our transit peers. The public IP addresses are assigned as secondary IP addresses on that interface.
So anyway, the problem I want to resolve, is I want the OPNsense firewall to rather than use the private IP address that's assigned to the inter-link address, is to use the public IP address as the source address, as to allow traffic to be routed back to it.
T.I.A
-
Just wanted to bump this to see if anyone has an update? And any info from devs as to whether or not this is possible?
-
Hey all,
After messing around and testing a few things on a separate OpenBSD box. I've figured out a way to do it. Might not be the best or most elegant, but it works.
Basically added an Outbound NAT rule which targeted the Source IP of my firewall, which is the internal IP, and then set the NAT to the secondary IP which was the public IP.