Messages - sunny

#1
General Discussion / Re: Unable to add a static route
January 27, 2025, 11:17:51 AM
Quote from: dseven on January 27, 2025, 10:04:26 AM
So 158.132.209.248 is routed via your default gateway (10.22.36.2). Is that what you expect?

What are you trying to accomplish with your static route? Are you trying to force the path that the traffic takes over the internet (i.e. source routing)?

If you set the "Far gateway" option on the gateway that you created, your route for 100.100.0.0/16 should get added, but it's probably not going to work as you expect (unless your upstream default gateway knows what to do with it).

Thank you. After I enabled the Far gateway option, everything works.
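The on-link check behind the `route -n get 158.132.209.248` question, as an added example that is not part of the original posts: a longest-prefix-match lookup showing that the gateway resolves through the default route instead of a connected subnet. The `10.22.36.0/24` WAN subnet and all function names are assumptions made for illustration; only the two gateway addresses and the `100.100.0.0/16` route come from the thread.

```python
import ipaddress

# Constructed routing table (assumption): the thread only gives the default
# gateway 10.22.36.2; the connected /24 WAN subnet is a made-up value.
ROUTES = [
    ("0.0.0.0/0", "10.22.36.2"),   # default route via the upstream gateway
    ("10.22.36.0/24", None),       # connected WAN subnet (None = on-link)
]


def lookup(table, dest):
    """Longest-prefix match for dest; returns (network, gateway) or None."""
    addr = ipaddress.ip_address(dest)
    best = None
    for net_text, gateway in table:
        net = ipaddress.ip_network(net_text)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gateway)
    return None if best is None else (str(best[0]), best[1])


def gateway_is_on_link(table, gateway):
    """True when the best route to the gateway is a connected subnet."""
    hit = lookup(table, gateway)
    return hit is not None and hit[1] is None


def check_static_route(table, network, gateway):
    """Report whether a static route's gateway can be used as a plain next hop."""
    ipaddress.ip_network(network)  # raises ValueError on a malformed prefix
    hit = lookup(table, gateway)
    if hit is None:
        return f"{network}: no route to gateway {gateway}"
    if hit[1] is None:
        return f"{network}: gateway {gateway} is on-link via {hit[0]}"
    return (f"{network}: gateway {gateway} is not on-link "
            f"(reached via {hit[1]}); the Far gateway option applies")


if __name__ == "__main__":
    print(check_static_route(ROUTES, "100.100.0.0/16", "158.132.209.248"))
    print(check_static_route(ROUTES, "100.100.0.0/16", "10.22.36.2"))
```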
#2
General Discussion / Re: Unable to add a static route
January 27, 2025, 06:32:51 AM
Quote from: dseven on January 26, 2025, 02:25:55 PM
The OPNsense UI for creating static routes requires that you select from already-defined gateways, so I don't think it's a case of it not having been defined. If it's not reachable (directly), it could cause that failure, though.

OP, what is (supposed to be) at 158.132.209.248? What output do you get from `route -n get 158.132.209.248` in a shell?

It is another router. Normally on Windows I would run "ROUTE ADD 100.100.0.0 MASK 255.255.0.0 158.132.209.248" to route all traffic to that machine, but now I would like to do it in OPNsense.

Here is the output of the command: https://imgur.com/a/jHfIBx8
#3
General Discussion / Re: Unable to add a static route
January 27, 2025, 06:30:57 AM
Quote from: bartjsmit on January 26, 2025, 09:59:43 AM
That likely means that you don't have a gateway declared with an IP address of 158.132.209.248. Fix that, and your static route should work.

System: Gateways: Configuration
I do have a gateway route
https://imgur.com/a/Twzdn8a
#4
General Discussion / Unable to add a static route
January 26, 2025, 07:03:46 AM
I have added a static route in the panel; however, it doesn't show up in the status list. Does anyone know why?
https://imgur.com/a/GcnGTno

There is an error in the logs:
Quote from: sunny
/usr/local/etc/rc.routing_configure: The command '/sbin/route add -inet '100.100.0.0/16' '158.132.209.248'' returned exit code '1', the output was 'add net 100.100.0.0: gateway 158.132.209.248 fib 0: Invalid argument'
#5
I have added the NAT outbound rules to change the IP address; however, it still doesn't work. It seems that there isn't any response coming back from the server, or that after the server responded the router wasn't able to change the IP address back and return the packet to the LAN.

EDIT: In addition, there seems to be a bug in OPNsense: after I add a manual NAT Outbound rule and enable logging, the log description in the live view is empty even though I have typed the description in the rule.
#6
Quote from: dseven on October 25, 2024, 04:26:28 PM
You may also need to configure your WAN interfaces to not "Block [private/bogon] networks"

I have disabled those options; however, it still doesn't work.
#7
Quote from: dseven on October 25, 2024, 04:24:48 PM
Does "Others router" have a route to 192.168.x.x pointing back to "My router" (172.16.1.3)?

I don't have access to or control over it, so I couldn't.
#8
Wireshark logs
#9
General Discussion / Stuck at setting up static route
October 25, 2024, 04:16:52 PM
I am trying to set up my OPNsense router. As the setup is a bit complicated, I have drawn a graph to give a better understanding of the situation.

Router:
WAN: 10.10.10.23
WAN2: 172.16.1.3
LAN: 192.168.1.1/24

My Computer: 192.168.1.100

I would like to access the computer at 100.100.0.14 through my router with the IP 172.16.1.3. However, there is a problem when I try to do it. Below I have illustrated the settings I have made to the default installation of OPNsense.

1. Created a Gateway for WAN2
2. Create a route for 100.100.0.0/16 through that gateway
3. NAT-Outbound: Automatic outbound NAT rule generation

Below are the settings for Firewall

1. Pass all LAN incoming connections
2. Pass all WAN2 outgoing connections through the gateway mentioned above

During the testing phase, I am able to access the 100.100.0.14 service when I SSH to my router and perform the request. However, none of the LAN computers were able to do so.
In addition, I found that when I make the request from a LAN computer, there are two TCP requests initiated, one from 192.168.1.100 (LAN PC) and one from 172.16.1.3 (the router IP). Is it a bug?