Show Posts
1
General Discussion / Firewall "WAN net"/"LAN net" and NAT "LAN networks"/"Loopback networks" aliases
« on: August 28, 2024, 08:37:12 am »
Hello all,
I'm new to OPNsense and still learning a lot, two things that took me a while to figure out and I couldn't find a lot of information about are these Firewall and NAT Network aliases (if there is, apologies and just let me know where to find it)
I'm using OPNsense with a dynamic routing protocol. I'm running OSPF between my Layer3 switch and OPNsense. Because of this, the LAN connection is just a transit network and all my endpoint VLANs live behind my Layer3 switch.
What I noticed is that OPNsense doesn't like me using these network aliases in my scenario. It all started working after I changed the firewall rules and added a custom Outbound NAT rule from "Network Alias" to "any".
Couple questions:
I expect this is because OPNsense only treats the directly connected subnet as the Network alias?
Any way to include advertised networks in those aliases, or should I just create custom aliases for this and start using those for everything?
Thanks!
Wesley
I'm new to OPNsense and still learning a lot, two things that took me a while to figure out and I couldn't find a lot of information about are these Firewall and NAT Network aliases (if there is, apologies and just let me know where to find it)
I'm using OPNsense with a dynamic routing protocol. I'm running OSPF between my Layer3 switch and OPNsense. Because of this, the LAN connection is just a transit network and all my endpoint VLANs live behind my Layer3 switch.
What I noticed is that OPNsense doesn't like me using these network aliases in my scenario. It all started working after I changed the firewall rules and added a custom Outbound NAT rule from "Network Alias" to "any".
Couple questions:
I expect this is because OPNsense only treats the directly connected subnet as the Network alias?
Any way to include advertised networks in those aliases, or should I just create custom aliases for this and start using those for everything?
Thanks!
Wesley