OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of iTimo01 »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - iTimo01

Pages: [1]
1
General Discussion / Re: Routed IPv6 Port Forward doesnt arrive on target interface
« on: February 10, 2023, 10:20:23 pm »
I just checked and it actually appears in the live log with the correct interface, but a Packet capture still doesn't see it.

2
General Discussion / Routed IPv6 Port Forward doesnt arrive on target interface
« on: February 10, 2023, 02:09:26 pm »
Im currently forwarding a couple of ports on a gateway in front of the OPNSense.

The OPNSense is supposed to just route the packets.

When trying to forward a port via IPv6 and running a packet capture, i can see the traffic arrive on the source interface (WAN2) with a DNAT, but it never shows up on the target (LAN) interface.

If i cheat and use SNAT on the external GW aswell then it arrives perfectly fine at the target.

Setup:
Public IPv6 WAN2: 2001:8d8:XXX
Private IPv6 WAN2: FC00::BBA:1

OPNSense IPv6 WAN2: FC00::BBA:2
OPNSense IPv6 LAN: FC00::AAB:1
Target IPv6: FC00::AAB:F0

FW Rule (Interface WAN2) is attached as a screenshot


Update: forgot to mention WAN2 is a Wireguard Link

3
General Discussion / Re: Problems using Gateway in rules
« on: February 07, 2023, 03:55:14 pm »
So i just installed a new Wireguard Server and set it up alongside the old one.
It still reproduces the same error.

If i create a Gateway Rule pointing "any" from the source IP to the Gateway, then connections that get INITIATED on the source IP get routed through the Gateway.

So while i was writing this i realized the "reply-to" field on the FW Rules.
Setting that to the correct gateway for replies works.

4
General Discussion / Problems using Gateway in rules
« on: February 07, 2023, 12:45:36 am »
I currently have a couple of Firewall Rules setup with an OpenVPN Gateway.

I'm trying to move my OpenVPN Configs over to WireGuard.
When setting up everything and changing the Gateway in the rules to the WireGuard one, it doesn't work.

Running an Packet Capture (and also observing the logs with log enabled) it seems like the OPNSense completely ignores the rules and still pushes it out to the OpenVPN gateway.

1 Rule in Question in Attachments

Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2