Messages

1

23.7 Legacy Series / Re: My firewall ignores the rules (no, really)

« on: December 27, 2023, 08:25:20 am »

Have you tried "Reset state table" after you brought that network online?

2

23.1 Legacy Series / Re: 23.1.11 and zeroteier interface

« on: July 05, 2023, 09:32:35 am »

I just uninstalled completely (including interface) rebooted, all was good.

I then reinstaled zerotier, setup the interface, confirmed that it was connected, and rebooted and same problem, no internet / wan.

So for me at least, zerotier is broken on 23.1.11

Did you downgrade or did you manage to solve it somehow?

3

22.7 Legacy Series / Re: Trying to migrate from UniFi

« on: September 17, 2022, 02:04:33 pm »

https://docs.opnsense.org/

4

Virtual private networks / Re: Port forward WireGuard return traffic through WAN

« on: September 10, 2021, 08:35:01 pm »

So i finally managed to solve this! Using OPNsense 21.7.2_1 and the reply-to rule as well as NAT described here:

https://github.com/opnsense/core/issues/4389#issuecomment-865349224

Many thanks to amonhk!

5

Virtual private networks / Re: Wireguard Port Forwarding not working

« on: September 07, 2021, 11:37:19 am »

I see that he is using 21.7.b version (type development). Do we know what community version this change will be included in?

Br.

https://github.com/opnsense/core/issues/4389#issuecomment-865349224

It's literally referenced in the ticket above.


Cheers,
Franco

6

Virtual private networks / Re: Port forward WireGuard return traffic through WAN

« on: May 12, 2021, 11:45:54 am »

i guess the problem is related to this ticket: https://github.com/opnsense/core/issues/4389

7

21.1 Legacy Series / Re: Port forwarding through WireGuard

« on: April 29, 2021, 08:25:56 pm »

So the connection to your VPN provider works accept the port forwarding?

8

Virtual private networks / Re: Port forward WireGuard return traffic through WAN

« on: April 24, 2021, 10:16:03 am »

Can you try to use the -kmod variant? It should work over there ...

Unfortunately the results is the same with OPNsense 21.1.5 and wireguard-kmod 0.0.20210415.

9

Virtual private networks / [Solved] Port forward WireGuard return traffic through WAN

« on: April 22, 2021, 08:39:32 pm »

Hi,

I've just set up WireGuard on OPNsense, and the firewall is now connected to a VPN-provider. Everything works as intended eg. traffic on my guest-LAN is routed to the VPN-provider and back.
But when i configure a Port Forward, incoming from the VPN, the traffic hits the correct host, on the guest-LAN but the return traffic goes out of the WAN-interface (with the source ip of my VPN-interface) insted of just going out through the VPN.
This only happens for traffic with that specific port, everything else works and gets routed through the VPN.

Perhaps someone can assist me on what i'm missing here. Is seems a bit weird as my inbound and outbound rules works accept traffic with my specific port forward.

I've tried my rules attached below with/without "NAT reflection" on the rule itself, as well as "Reflection for port forwards" and "Automatic outbound NAT for Reflection", but the results are the same.

When i use the "Port Probe" i get a 'success' with a "Source Address" of my VPN-interface.

Anybody knows what i'm missing here?

Br
Robert