Messages - Ernesto Johann

#1
Solved - I don't know why, but while my ISP was giving me a dynamic Internet IP, the IP in the source was one and in OPNsense tcpdump it was another.

My ISP fixed my external IP, and now tcpdump shows me the same number that I got in the source with www.myip.com

(I have always used dynamic IPs, and it was the first time I saw this strange behaviour)

#2
The Source machine is a Home machine, running Windows 10 Home Single Language 22H2

The Destination machine is a Windows 10 Pro 22H2 in a business network with OPNsense as a firewall in the network

I could always connect

A few days ago I changed my internet fiber link ISP provider at home, and since then the sites below do not show my real external IP address

https://whatismyipaddress.com/   
https://www.myip.com/
https://ipaddress.my/   
https://nordvpn.com/pt-br/what-is-my-ip/

It shows 177.xxx.xxx.xxx  (I wrote xxx to not show the real numbers)

I have to use tcpdump -n  in opnsense to get my real source IP Address

Tcpdump -n shows 100.xxx.xxx.xxx

#3
Thank you pmhausen

With tcpdump I could find the problem

The problem was:
Using https://whatismyipaddress.com/ in the source I got an external IP address

And with tcpdump -n in OPNsense it was displaying that the source was connecting using another external IP number!!!!
Then I allowed this IP and it works

Why does https://whatismyipaddress.com/ not show the correct number?

I tested also with https://www.myip.com/ , https://ipaddress.my/   , https://nordvpn.com/pt-br/what-is-my-ip/

All gave me the wrong IP

I tried also in different browsers.

I will also ask my ISP provider why this is happening.

Thank you !!


#4
I'm using the latest OPNsense version:
OPNsense 23.1.9-amd64
FreeBSD 13.1-RELEASE-p7
OpenSSL 1.1.1t 7 Feb 2023

(the problem below happened also in a previous version)

1- I have an Alias
IPSAllowed - list of host external IP's allowed

2-I have a NAT port forward rule
source - IPAllowed
source port - any
destination - WAN Address
destination port range - 20000 to 20000
Redirect target IP - 192.168.0.20
Redirect target port - MS RDP

The problem is:
From a lot of different hosts, if I try to access the port 20000,
I can.
BUT from a specific host, if I try to access the port 20000,
I can't!

If I change the NAT port forward rule, and put ANY in the source,
I can access from the specific host also!

What is strange:
1-The specific host IP is in the Alias host list.
2-The outgoing port is open, because when the rule in OPNsense is ANY, I can access the port
3-The other Internet source hosts can access the port, even though the rule is applied only to source hosts from the Alias host list

How can I diagnose the problem and solve it?
I did not find the problem in the OPNsense logs.
Where can I find it?

Thank you
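
The comparison these posts describe (the source address the firewall sees in `tcpdump -n` versus the addresses in the alias), as an added Python example that is not the poster's or OPNsense's code. The capture lines, alias contents and function names are constructed for illustration and use documentation address ranges.

```python
import ipaddress
import re

# Address part of a `tcpdump -n` IPv4 TCP line:
#   HH:MM:SS.us IP src.sport > dst.dport: Flags [S], ...
LINE_RE = re.compile(
    r"\bIP (\d+\.\d+\.\d+\.\d+)\.(\d+) > (\d+\.\d+\.\d+\.\d+)\.(\d+): Flags \[([^\]]*)\]"
)

def parse_alias(entries):
    """Turn alias entries (single hosts or CIDR networks) into network objects."""
    return [ipaddress.ip_network(e.strip(), strict=False) for e in entries if e.strip()]

def unlisted_sources(tcpdump_lines, alias_entries, dst_port):
    """Return {source_ip: syn_count} for connection attempts to dst_port whose
    source address, as seen on the firewall, is not covered by the alias."""
    allowed = parse_alias(alias_entries)
    misses = {}
    for line in tcpdump_lines:
        m = LINE_RE.search(line)
        if not m:
            continue  # ARP, IPv6, UDP or truncated lines
        src, _sport, _dst, dport, flags = m.groups()
        # New connection attempts only: SYN set, ACK ('.') not set
        if int(dport) != dst_port or "S" not in flags or "." in flags:
            continue
        addr = ipaddress.ip_address(src)
        if not any(addr in net for net in allowed):
            misses[src] = misses.get(src, 0) + 1
    return misses

# Constructed capture: 192.0.2.10 stands in for the WAN address.
SAMPLE = [
    "10:15:01.000101 IP 203.0.113.7.51514 > 192.0.2.10.20000: Flags [S], seq 1001, win 64240, length 0",
    "10:15:01.000350 IP 192.0.2.10.20000 > 203.0.113.7.51514: Flags [S.], seq 9001, ack 1002, win 65535, length 0",
    "10:15:02.000202 IP 198.51.100.9.40222 > 192.0.2.10.20000: Flags [S], seq 2001, win 64240, length 0",
    "10:15:03.000303 IP 203.0.113.99.50123 > 192.0.2.10.20000: Flags [S], seq 3001, win 64240, length 0",
    "10:15:04.000404 IP 203.0.113.99.50123 > 192.0.2.10.20000: Flags [S], seq 3001, win 64240, length 0",
    "10:15:05.000505 IP 203.0.113.99.50200 > 192.0.2.10.443: Flags [S], seq 4001, win 64240, length 0",
    "10:15:06.000606 ARP, Request who-has 192.0.2.1 tell 192.0.2.10, length 28",
]
# Constructed alias contents: one host entry and one network entry.
ALIAS = ["203.0.113.7", "198.51.100.0/28"]

if __name__ == "__main__":
    for ip, count in unlisted_sources(SAMPLE, ALIAS, 20000).items():
        print(f"{ip}: {count} SYN(s) to port 20000 from an address not in the alias")
```

A source that only ever appears as unanswered SYNs and is reported here is arriving from an address the alias does not contain, whatever a "what is my IP" site shows on the client.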