OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of AppliedThinking »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - AppliedThinking

Pages: [1]
1
General Discussion / Re: Need some help with routing AMPRNET (44 domain) through the WAN/LAN interfaces
« on: December 23, 2021, 01:03:26 pm »
Solved:
All I had to do was create a GW instance for the target platform using the LAN private IP and then enter the 44 domain IP and subnet. 44.x.x.x/32

2
General Discussion / Need some help with routing AMPRNET (44 domain) through the WAN/LAN interfaces
« on: December 20, 2021, 03:48:56 pm »
I have the WAN/LAN private IP's working fine along with some NAT rules. WAN [192.168.x.x/24] and LAN 172.30.x.x/24]. It all works fine.
The AMPRNET GW (Linux) is sitting in the WAN DMZ and has both the 192.168.x.x/32 and 44.8.x.x/32 IP's. The outgoing AMPRNET default goes out through this GW. I do make use of AXIP paths.
I have a few workstations internal on the 172.30.x.x/24 LAN network that have unique LAN IP's and a 44.8.x.x/32 IP.
In the past, using a different FW, I have been able to route the 44 endpoints using the via 172.30.x.x/32 IP address. Opnsense doesn't allow me to do this because the 44 IP address is not in the 172.30.x.x/24 domain. I see no 'via' in the routing assignment.
I have tried creating internal LAN gateways and that didn't work either. Same issue as above.
Thinking that I could add a secondary 44 domain IP address to the WAN and LAN interfaces, I started to look at Virtual IP's but feel that I may be going down the wrong rabbit hole.  The only other thing that I can think of is getting on the Opnsense command line and try to do some handset routing using the standard via syntax.

The way I was hoping to get this working is; incoming 44 domain connections/apps would go through the AMPRNET GW to the WAN interface and get routed to the applicable internal workstation sitting in the LAN. Once I can establish the secondary AMPR IP's for WAN and LAN I can do a NAT rule. All outgoing 44 domain would exit the WAN destined for the AMPRNET GW using a default outgoing route for the 44 domain.

I am probably out in the park on this and could use a pointer to get things working. That other FW no longer works with UEFI mobo and hence the Opnsense (which I do like).

Thank you for the assistance up front. Happy Holidays, JohnF


Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2