OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of Sascha79 »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - Sascha79

Pages: [1]
1
21.7 Legacy Series / Re: Forward SMTP from Internet to LAN using IPSec
« on: November 25, 2021, 05:54:25 pm »
There's really not much architecture - just the OPNsense-box at the remote location - it's one end of the IPSec-Tunnel. The other end of the tunnel is a MikroTik-Router (CCR2004 if it helps) connecting it to the private LAN where the mailserver sits. Firewall is completely open for IPSec.

I'm testing connection using OPNsense > Interfaces > Diagnostics > Port Probe
OPNsense succeeds opening connection to the mailserver if the LAN-NIC is selected as Source Address.

If WAN is selected, it says nc: connect to xxx.xxx.xxx.xxx port 25 (tcp) failed: Operation timed out

2
21.7 Legacy Series / Re: Forward SMTP from Internet to LAN using IPSec
« on: November 25, 2021, 04:48:39 pm »
OPNsense is running at gridscale (an IaaS-Provider) and can get a static IPs from there.
It has two NICs: WAN and LAN.

(Reason for all this: at home, there's no static IP and therefore I'd like to send E-Mail through the tunnel.)

The only setting is a Port Forward matching WAN address at Port 25 natting to the IP on the other side of the tunnel.

A strange thing is: I can ping the private IP from OPNsense using it's LAN-Address but not using the WAN-Address?!

3
21.7 Legacy Series / Re: Forward SMTP from Internet to LAN using IPSec
« on: November 24, 2021, 07:49:36 pm »
Did nobody ever try this with OPNsense?

4
21.7 Legacy Series / Forward SMTP from Internet to LAN using IPSec
« on: November 23, 2021, 12:24:57 pm »
Hi!

I have OPNsense (21.7.5) running on a machine having an public (static) IP.
Now I'd like to forward incoming SMTP to my private mailserver in my home-network which is connected using IPsec like:

Internet -> Public-IP:25 -> NAT -> IPSec -> Private Mailserver

Traffic from OPNsense flows fine through IPSec-Tunnel.
Unfortunately, the Port Forward from WAN-Address:25 to the LAN-Address of my mailserver does not work.

Can anybody give me a tip how to set it up?

Edit:
* Port Probe using Source Address "LAN" to Mailserver works fine.
* Port Probe using "WAN" to Mailserver does not work.

Thanks!
Sascha

5
21.7 Legacy Series / Re: Cannot modify HAProxy configuration anymore
« on: November 06, 2021, 09:33:23 am »
I can also confirm this issue.
Unfortunately, it literally took more than 3 hours to find this here.
(was really in doubt of myself - but the issue persisting on a freshly pulled up testinstall 'saved' my mind  ;))

Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2