Messages - SebbesApa

#1
Have you tried "Reset state table" after you brought that network online?
#2
Quote from: crankshaft on June 30, 2023, 04:16:28 AM
I just uninstalled completely (including interface) rebooted, all was good.

I then reinstalled zerotier, set up the interface, confirmed that it was connected, and rebooted and same problem, no internet / wan.

So for me at least, zerotier is broken on 23.1.11

Did you downgrade or did you manage to solve it somehow?
#4
So I finally managed to solve this! Using OPNsense 21.7.2_1 and the reply-to rule as well as NAT described here:

https://github.com/opnsense/core/issues/4389#issuecomment-865349224

Many thanks to amonhk!
#5
I see that he is using 21.7.b version (type development). Do we know what community version this change will be included in?

Br.

Quote from: franco on August 10, 2021, 08:10:36 AM
https://github.com/opnsense/core/issues/4389#issuecomment-865349224

It's literally referenced in the ticket above.


Cheers,
Franco
#6
I guess the problem is related to this ticket: https://github.com/opnsense/core/issues/4389
#7
So the connection to your VPN provider works except the port forwarding?
#8
Quote from: mimugmail on April 23, 2021, 05:02:59 PM
Can you try to use the -kmod variant? It should work over there ...

Unfortunately the result is the same with OPNsense 21.1.5 and wireguard-kmod 0.0.20210415.
#9
Hi,

I've just set up WireGuard on OPNsense, and the firewall is now connected to a VPN-provider. Everything works as intended, e.g. traffic on my guest-LAN is routed to the VPN-provider and back.
But when I configure a Port Forward, incoming from the VPN, the traffic hits the correct host on the guest-LAN, but the return traffic goes out of the WAN-interface (with the source IP of my VPN-interface) instead of just going out through the VPN.
This only happens for traffic with that specific port, everything else works and gets routed through the VPN.

Perhaps someone can assist me on what I'm missing here. It seems a bit weird as my inbound and outbound rules work except traffic with my specific port forward.

I've tried my rules attached below with/without "NAT reflection" on the rule itself, as well as "Reflection for port forwards" and "Automatic outbound NAT for Reflection", but the results are the same.

When I use the "Port Probe" I get a 'success' with a "Source Address" of my VPN-interface.

Anybody know what I'm missing here?

Br
Robert