Maybe the amount of details in your original question wasn't sufficient for others to point you in the right direction (details often help), you never know. Just ask yourself, how many people have you helped in the past 6 months that you where around on our forum? Community thrives by people willing to step up, help others by replying to forum posts (as many people do around here), write code, submit documentation, etc, etc. Feel free to come back any time you like, Best regards,Ad
Hi there,> I think the details in my original post were perfectly sufficient that anyone with input or rather, others with similar installs that might try to replicate the behaviour could do so.The problem I see is that you assume this to be true leaving out the lack of responses as an indication of this not being entirely true and then going on to say you solve it by reverting to a different software indicating to others that you are not interested in getting to the bottom of it.Not everyone can or always will be helped in this community for any number complex reasons even when you are dealing with avid community volunteers of free software. Life gets in the way for all of us sometimes and there are no obligations to do so.That being said, the words "does not work" in any message or issue report may be off-putting to start with.Cheers,Franco
Hi all,Have recently migrated one of our sites to OPNSense 19.7 from pfSense which I used for the past 5 years.I have a web server on site hosting a demo with 1:1 NAT configured using one of the IP's in our public subnet.I have all the NAT reflection boxes ticked however I cannot access the server via its public address from inside the network... The 1:1 NAT and firewall rule on the WAN work as expected, the server is accessible from the outside. However NAT reflection is not working.This is a L3 switched environment with several VLAN's routed on the switch core. There is an uplink to OPNSense which then goes off to WAN. Static routes are all in place and everything works as expected, except NAT reflection.Most client PC's are in 172.16.1.0/24 as is the server (172.16.1.183).I did some googling and found others that have reported NAT reflection not functioning. I know reflection isn't a great idea, and internal clients should access internal resources via their internal addresses (so I could do a host override on local DNS forwarder) but NAT reflection is a feature on offer and should therefore work.Any suggestions?
Quote from: tomstephens89 on January 20, 2020, 10:58:32 amHi all,Have recently migrated one of our sites to OPNSense 19.7 from pfSense which I used for the past 5 years.I have a web server on site hosting a demo with 1:1 NAT configured using one of the IP's in our public subnet.I have all the NAT reflection boxes ticked however I cannot access the server via its public address from inside the network... The 1:1 NAT and firewall rule on the WAN work as expected, the server is accessible from the outside. However NAT reflection is not working.This is a L3 switched environment with several VLAN's routed on the switch core. There is an uplink to OPNSense which then goes off to WAN. Static routes are all in place and everything works as expected, except NAT reflection.Most client PC's are in 172.16.1.0/24 as is the server (172.16.1.183).I did some googling and found others that have reported NAT reflection not functioning. I know reflection isn't a great idea, and internal clients should access internal resources via their internal addresses (so I could do a host override on local DNS forwarder) but NAT reflection is a feature on offer and should therefore work.Any suggestions?Autoreflection for Outbound rules are only for the same network where also the internal server sits, so when you have a different network with a L3 switch behind you have to create a manual outbound NAT rule:Iface: LAN interface of internal serverSource: Your real client netDestination: Your internal serverTranslated interface: interface address (default)This will do it ..
