"
Hi,
i've migrated my Infrastructure to OPNsense.
Im trying to configure a Destination NAT rule, that shuld look like this:
This should provide an alternative port for incoming Wireguard-Roadwarrior connections (WAN).
However i cannot configure that configuration i had previously cause of the following issues:
Is there any way to just redirect the dst-port without rewriting the destination-address or can i set the redir-address automatically to the current WAN address?
Many thanks for any suggestions
i've migrated my Infrastructure to OPNsense.
Im trying to configure a Destination NAT rule, that shuld look like this:
Code Select
interface: wan
proto: udp
src-ip: any
src-port: any
dst-port: "WAN address"
dst-port: 123
redir-address: "WAN address"
redir-port: 51820
This should provide an alternative port for incoming Wireguard-Roadwarrior connections (WAN).
However i cannot configure that configuration i had previously cause of the following issues:
- I cannot set redir-address in OPNsense to "WAN address" to keep the dst-address in the incoming packets.
- I cannot set the redir-address to the current WAN-IPv4 address, because the address is dynamic and will change periodically.
- I cannot change the listening Wireguard port to 123 as this would break incoming NTP used on LAN-side.
Is there any way to just redirect the dst-port without rewriting the destination-address or can i set the redir-address automatically to the current WAN address?
Many thanks for any suggestions
