"
Hello, I am wondering if this is default behavior.
I have some port forwarding rules set up where in one of the rules the destination is set to WAN Address for port 443 and in another rule I have a virtual IP from my WAN ( I have 5 static IPs and set them up as virtual IPs ) set as the destination.
I discovered that if I have the "WAN Address" destination rule before the rule with the virtual IP as the destination, there is a match and the traffic is forwarded to the wrong server within the LAN, but if I move the virtual IP rules before the WAN Address rule it gets routed correctly.
Is this behavior correct? I would think "WAN Address" would only match the address specifically assigned to the interface, rather than any of the virtual IPs..
If I create an alias for the WAN address with the IP assigned to the interface, the order of the rules doesn't matter and it works as expected.
I also found this post and presume the person was saying the same thing here:
https://forum.opnsense.org/index.php?topic=5501.msg22325#msg22325
I have some port forwarding rules set up where in one of the rules the destination is set to WAN Address for port 443 and in another rule I have a virtual IP from my WAN ( I have 5 static IPs and set them up as virtual IPs ) set as the destination.
I discovered that if I have the "WAN Address" destination rule before the rule with the virtual IP as the destination, there is a match and the traffic is forwarded to the wrong server within the LAN, but if I move the virtual IP rules before the WAN Address rule it gets routed correctly.
Is this behavior correct? I would think "WAN Address" would only match the address specifically assigned to the interface, rather than any of the virtual IPs..
If I create an alias for the WAN address with the IP assigned to the interface, the order of the rules doesn't matter and it works as expected.
I also found this post and presume the person was saying the same thing here:
https://forum.opnsense.org/index.php?topic=5501.msg22325#msg22325
