OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of sirianthe3rd »
  • Show Posts »
  • Topics
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Topics - sirianthe3rd

Pages: [1]
1
Virtual private networks / SNAT from Port-forward over VPN
« on: August 28, 2024, 12:58:49 am »
Hello all, I am looking for some help regarding a special kind of configuration that I am trying to get working. I have a server that is in another location that has a VPN tunnel to a datacenter with a static IP. So, the datacenter has an Internet connection with a static IP, and the other has an Internet connection behind CG-NAT. There is a VPN tunnel between them that works as intended. What I am trying to accomplish is to host a server behind the OPNsense box with the CG-NAT by bringing in the traffic via the site with the static IP.

To keep traffic symmetrical, I am thinking to source NAT the traffic coming in to the datacenter so that it get correctly routed back to the firewall with the static IP, otherwise it will go out the connection with the default out of the CG-NAT interface and get stopped by that site's OPNsense box.

For instance:

Inbound:
Source of traffic 1.1.1.1 -> DST public IP 2.2.2.2 -> Port Forward / DNAT -> Real Server 10.10.10.2 -> SNAT 192.168.10.2 -> VPN tunnel -> Server 10.10.10.2

Outbound:
Source of traffic 10.10.10.2 -> DST IP 192.168.10.2 -> VPN tunnel -> Datacenter OPNsense -> Reverse SNAT 10.10.10.2 to Public IP 2.2.2.2 -> Destination 1.1.1.1

Is this possible? So far I haven't been able to get it working. Thanks!

2
17.1 Legacy Series / Can't get WAN interface to pull IPv6 address or allocation
« on: April 02, 2017, 07:51:09 pm »
Hi all, I'm trying to setup native dual-stack IPv6 with TWC cable. When I set the WAN interface to pull just a simple address, it won't do that. I looked in /var/log/dhcpd.log and see several entries in there for the IPv4 address being pulled via dhclient, but nothing for IPv6.

I did hook up my laptop to the modem to verify I could pull an address at the very least.

The TWC modem is on their supported list (Motorola MB7420). It looks like modem itself pulled an address for management purposes.

Any ideas? Ideally I would like to pull an allocation to use on my LAN.

PS- I am using HE.net's tunnelbroker to get an allocation that I am currently using now on the LAN, but I wanted to go native, if possible. Just seems like dhclient is having issues pulling the appropriate address.

Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2