"
Hello all,
first of all ... I am new to opnsense ... I have experience with fortigates, but decided to switch to opnsense.
I have some things setup (3 networks, routing between, internet from inside).
My system info:
OPNsense 25.4.1-amd64
FreeBSD 14.2-RELEASE-p3
OpenSSL 3.0.16
Licensed until 2026-02-03
What I need to do and is making me cray is virtual IPs.
In Fortigate world you can do them in 2 ways: with port forwarding or mapping 1-1 all ports from a public ip to an internal ip. In a 1-1 scenario ports allowed are set with rules.
The 1-1 scenario is the one I prefer, but I could also resort to port forwarding.
I have setup the virtual ip in Interfaces -A Virtual IPs -> Settings: I chose the WAN interface, and entered my public IP address in the network / address field.
Then I went to set a NAT One-to-One: here there are some doubts. On this form I set the following fields:
interface -> WAN
Type -> BINAT
External network / Target: my public ip address (a single one)
Source / Internal: my private address (the internal address the public ip will map to).
Destination -> any (I do not understand this field ... this likely means I am missing something)
Save then Apply
Then I create a rule on Firewall -> rules -> WAN:
Interface -> WAN
Direction -> in
TCP/IP version : IPv4
Protocol -> TCP
Source -> any
Destination -> Single Hist and my public iPhone address
Destination port range -> From https to https
Gateway -> WAN GW
Save and Apply
It is not working :-(
I appreciate help :-)
first of all ... I am new to opnsense ... I have experience with fortigates, but decided to switch to opnsense.
I have some things setup (3 networks, routing between, internet from inside).
My system info:
OPNsense 25.4.1-amd64
FreeBSD 14.2-RELEASE-p3
OpenSSL 3.0.16
Licensed until 2026-02-03
What I need to do and is making me cray is virtual IPs.
In Fortigate world you can do them in 2 ways: with port forwarding or mapping 1-1 all ports from a public ip to an internal ip. In a 1-1 scenario ports allowed are set with rules.
The 1-1 scenario is the one I prefer, but I could also resort to port forwarding.
I have setup the virtual ip in Interfaces -A Virtual IPs -> Settings: I chose the WAN interface, and entered my public IP address in the network / address field.
Then I went to set a NAT One-to-One: here there are some doubts. On this form I set the following fields:
interface -> WAN
Type -> BINAT
External network / Target: my public ip address (a single one)
Source / Internal: my private address (the internal address the public ip will map to).
Destination -> any (I do not understand this field ... this likely means I am missing something)
Save then Apply
Then I create a rule on Firewall -> rules -> WAN:
Interface -> WAN
Direction -> in
TCP/IP version : IPv4
Protocol -> TCP
Source -> any
Destination -> Single Hist and my public iPhone address
Destination port range -> From https to https
Gateway -> WAN GW
Save and Apply
It is not working :-(
I appreciate help :-)
