OPNsense Forum

Archive => 18.7 Legacy Series => Topic started by: rabarbar on September 21, 2018, 03:47:43 pm

Title: NAT 1:1, an iptables NETMAP target equivalent
Post by: rabarbar on September 21, 2018, 03:47:43 pm
Hi everyone,

I'd like to virtualize a miriad of external networks that we have to connect to.
Ideally, I'd like to have a /16 virtual network, that depending on the IP range, would be NATed to a different destination network.

On iptables I would use a NETMAP target, like in this random example:
iptables -t nat -A PREROUTING -d -j NETMAP --to

For the purpose of the example above, my LAN network is, the virtual network would be, while the real NATed destination would be I could connect to a virtual IP of and be NATed to

I thought to use NAT 1:1 configuration + virtual IPs, but I cannot achieve the target configuration with OPNsense.
So far, the documentation lets me think that I could use NAT 1:1 for this purpose, even if usually it's used to allow public IPs to be accessible in LAN.

What am I missing? Is it achievable with OPNsense?