Show Posts
1
17.1 Legacy Series / one-to-one nat
« on: March 20, 2017, 07:14:51 am »
Hi,
Firstly I would like to extend a huge thanks to the developers of OPNsense, it is an awesome product, and even though I've only been using it for a few days, it has already simplified so many admin tasks for us.
I am trying to understand how to correctly configure one-to-one nat, I have looked on the wiki but unfortunately there seems to be very little documentation on this topic.
Our OPNsense server has two NICs, one connected to the WAN with the primary IP and a few virtual IPs configured using IP alias, and a second NIC connected to a private LAN using 10.10.10.0/24 for example.
So on the WAN interface, say I have configured a virtual IP of 2.2.2.2/32 and under one-to-one NAT I have added a new rule with 2.2.2.2 as the external IP, for internal I select LAN address, and destination is set to "any", I don't see anywhere where I can specify that I want all traffic forwarded to 10.10.10.99 for example, where do I configure the destination IP for this rule?
My apologies if this seems like an obvious question, I just haven't worked out the correct procedure yet.
Also I noticed on the OPNsense homepage it mentions "► Full Mesh VPN routing using Tinc" which is great, as we use Tinc in switch mode for joining network segments, however under VPN in the UI I only see IPSEC and OpenVPN, where might I go to configure Tinc or is there some documentation on this I can go through?
Thanks for your time and any suggestions you can provide.
Firstly I would like to extend a huge thanks to the developers of OPNsense, it is an awesome product, and even though I've only been using it for a few days, it has already simplified so many admin tasks for us.
I am trying to understand how to correctly configure one-to-one nat, I have looked on the wiki but unfortunately there seems to be very little documentation on this topic.
Our OPNsense server has two NICs, one connected to the WAN with the primary IP and a few virtual IPs configured using IP alias, and a second NIC connected to a private LAN using 10.10.10.0/24 for example.
So on the WAN interface, say I have configured a virtual IP of 2.2.2.2/32 and under one-to-one NAT I have added a new rule with 2.2.2.2 as the external IP, for internal I select LAN address, and destination is set to "any", I don't see anywhere where I can specify that I want all traffic forwarded to 10.10.10.99 for example, where do I configure the destination IP for this rule?
My apologies if this seems like an obvious question, I just haven't worked out the correct procedure yet.
Also I noticed on the OPNsense homepage it mentions "► Full Mesh VPN routing using Tinc" which is great, as we use Tinc in switch mode for joining network segments, however under VPN in the UI I only see IPSEC and OpenVPN, where might I go to configure Tinc or is there some documentation on this I can go through?
Thanks for your time and any suggestions you can provide.