1
General Discussion / How to do NAT after policy-based routing?
« on: February 24, 2023, 03:46:19 pm »
I am trying to configure an interface (let's call it vpnLAN) so traffic originating from its network is routed to a VPN gateway (VPNLAN_GW). I did the following:
I am surprised as this is roughly the setup described here: https://docs.opnsense.org/manual/how-tos/wireguard-selective-routing.html.
What am I doing wrong? Thanks!
- added an "allow vpnLAN to any rule" under Firewall > Rules > vpnLAN
- added a floating rule so that traffic originating from vpnLAN net with destination ! talpaWAN net has gateway VPNWAN_GW
- added an outbound NAT rule so that traffic on the vpnWAN interface (the VPN interface) with source vpnLAN net has NAT address vpnWAN address
I am surprised as this is roughly the setup described here: https://docs.opnsense.org/manual/how-tos/wireguard-selective-routing.html.
What am I doing wrong? Thanks!