Messages - AppliedThinking

#1
Solved:
All I had to do was create a GW instance for the target platform using the LAN private IP and then enter the 44 domain IP and subnet: 44.x.x.x/32
#2
I have the WAN/LAN private IPs working fine along with some NAT rules. WAN [192.168.x.x/24] and LAN [172.30.x.x/24]. It all works fine.
The AMPRNET GW (Linux) is sitting in the WAN DMZ and has both the 192.168.x.x/32 and 44.8.x.x/32 IPs. The outgoing AMPRNET default goes out through this GW. I do make use of AXIP paths.
I have a few workstations internal on the 172.30.x.x/24 LAN network that have unique LAN IPs and a 44.8.x.x/32 IP.
In the past, using a different FW, I have been able to route the 44 endpoints using the via 172.30.x.x/32 IP address. OPNsense doesn't allow me to do this because the 44 IP address is not in the 172.30.x.x/24 domain. I see no 'via' in the routing assignment.
I have tried creating internal LAN gateways and that didn't work either. Same issue as above.
Thinking that I could add a secondary 44 domain IP address to the WAN and LAN interfaces, I started to look at Virtual IPs but feel that I may be going down the wrong rabbit hole. The only other thing that I can think of is getting on the OPNsense command line and trying to do some handset routing using the standard via syntax.

The way I was hoping to get this working is: incoming 44 domain connections/apps would go through the AMPRNET GW to the WAN interface and get routed to the applicable internal workstation sitting in the LAN. Once I can establish the secondary AMPR IPs for WAN and LAN I can do a NAT rule. All outgoing 44 domain would exit the WAN destined for the AMPRNET GW using a default outgoing route for the 44 domain.

I am probably out in the park on this and could use a pointer to get things working. That other FW no longer works with UEFI mobo and hence the OPNsense (which I do like).

Thank you for the assistance up front. Happy Holidays, JohnF