Messages

1

General Discussion / Re: How to access LAN from WAN

« on: December 14, 2023, 12:08:18 am »

IMPORTANT: The following parameters allow to access LAN from WAN. Use with caution.

Here is the solution and my understanding:
   - Allow access from WAN:
      Interfaces / WAN: Uncheck "Block private networks" => Without this, OPNsense do not consider private/LAN adresses coming from the WAN. In my case, i have a 192.168.2.0/24 based network as WAN; so, if i don't want to be blocked, i need to uncheck
   - Access LAN from WAN:
      Need to set up a FW rule: WAN-pass-in-Protocol:IPv4*-Source:WAN Net-Destination:LAN Net
   - Make the computer/laptop on the WAN aware of the 10.0.0.0 network:
      Need to set up a route to the OPNsense WAN IP for accessing the LAN Network: route add -p 10.0.0.0 mask 255.255.255.0 192.168.2.134 (command for windows, done in a "cmd" windows launched with admin rights
   
Now the LAN is reacheable from the WAN.

   - Ping OPNsense WAN address:
      By default, OPNsense do not answer to a ping from WAN. I had difficulties to be sure if the IP was configured correctly. So, in order to have OPNsense answering a ping from WAN, i had a firewall rule: WAN-pass-in-Protocol IPv4 IMCP-Source:WAN Net-Destination:WAN Address (Wan address represent the WAN address of OPNsense)
   - Access OPNsense GUI from WAN:
      If you want a computer to access the OPNsense GUI from the WAN, setup the following rule: WAN-pass-in-Protocol:IPv4 TCP-Source:IP of your computer-Destination:This firewall-Port:443(HTTPS)

Hope it helps.

Hello everyone, I followed this guide, but I'm unable to ping the IP address of the computer on the LAN.
Does anyone know why it's not working?

Thanks in advance.