Topic: Dual WAN and Port Forward (Double NAT Problem?) (Read 1425 times)
fox-octi
Dual WAN and Port Forward (Double NAT Problem?)
« on: October 26, 2021, 07:35:07 am »
Hi,
since I'm not sure whether I posted this in the right place, I'm posting it here as well.
External IP WAN1 router (internal: 192.168.2.1) forward port 2222 --> OPNsense (192.168.2.139) port 2222 --> Linux SSH 22
External IP WAN2 router (internal: 192.168.9.1) forward port 2222 --> OPNsense (192.168.9.30) port 2222 --> Linux SSH 22
The forwards only ever work on the active WAN; the inactive WAN is functional, but the port forwards do not work on it.
What mistake am I making here? It seems to me to be caused by the double inbound forward.
Original post:
https://forum.opnsense.org/index.php?topic=25294.msg121416#msg121416
Regards
fox-octi
Re: Dual WAN and Port Forward (Double NAT Problem?)
« Reply #1 on: October 26, 2021, 10:24:17 am »
Hi,
I found a solution: in the port forward you have to tag the packet, and then, with an outbound firewall rule, tell it that the tagged packets should be answered via the specific gateway.
<rule>
  <protocol>tcp</protocol>
  <interface>wan</interface>
  <category/>
  <ipprotocol>inet</ipprotocol>
  <descr>SSHForwardGuido</descr>
  <tag>GUIDO</tag>
  <tagged/>
  <poolopts/>
  <associated-rule-id>pass</associated-rule-id>
  <log>1</log>
  <target>Gitlab</target>
  <local-port>22</local-port>
  <source>
    <address>ExterneKundenFesteIPs</address>
  </source>
  <destination>
    <network>wanip</network>
    <port>2222</port>
  </destination>
  <updated>
    <username>root@172.16.222.30</username>
    <time>1635226835.6125</time>
    <description>/firewall_nat_edit.php made changes</description>
  </updated>
  <created>
    <username>root@172.16.222.224</username>
    <time>1613770090.0138</time>
    <description>/firewall_nat_edit.php made changes</description>
  </created>
</rule>
<rule>
  <protocol>tcp</protocol>
  <interface>opt1</interface>
  <category/>
  <ipprotocol>inet</ipprotocol>
  <descr>SSHForwardRamon</descr>
  <tag>RAMON</tag>
  <tagged/>
  <poolopts/>
  <associated-rule-id>pass</associated-rule-id>
  <log>1</log>
  <target>Gitlab</target>
  <local-port>22</local-port>
  <source>
    <address>ExterneKundenFesteIPs</address>
  </source>
  <destination>
    <network>opt1ip</network>
    <port>2222</port>
  </destination>
  <updated>
    <username>root@172.16.222.30</username>
    <time>1635226643.7175</time>
    <description>/firewall_nat_edit.php made changes</description>
  </updated>
  <created>
    <username>root@172.16.222.30</username>
    <time>1624425142.575</time>
    <description>/firewall_nat_edit.php made changes</description>
  </created>
</rule>
<rule>
  <type>pass</type>
  <interface>lan</interface>
  <ipprotocol>inet</ipprotocol>
  <tagged>RAMON</tagged>
  <statetype>keep state</statetype>
  <descr>RAMON-GW-Tagged-TCP-UDP-LAN</descr>
  <direction>out</direction>
  <reply-to>OPT1_DHCP</reply-to>
  <quick>1</quick>
  <protocol>tcp/udp</protocol>
  <source>
    <any>1</any>
  </source>
  <destination>
    <any>1</any>
  </destination>
  <updated>
    <username>root@172.16.222.30</username>
    <time>1635233677.4174</time>
    <description>/firewall_rules_edit.php made changes</description>
  </updated>
  <created>
    <username>root@172.16.222.52</username>
    <time>1615028745.5929</time>
    <description>/firewall_rules_edit.php made changes</description>
  </created>
</rule>
<rule>
  <type>pass</type>
  <interface>lan</interface>
  <ipprotocol>inet</ipprotocol>
  <tagged>GUIDO</tagged>
  <statetype>keep state</statetype>
  <descr>GUIDO-GW-Tagged-TCP-UDP-LAN</descr>
  <direction>out</direction>
  <reply-to>WAN_DHCP</reply-to>
  <quick>1</quick>
  <protocol>tcp/udp</protocol>
  <source>
    <any>1</any>
  </source>
  <destination>
    <any>1</any>
  </destination>
  <updated>
    <username>root@172.16.222.30</username>
    <time>1635233713.586</time>
    <description>/firewall_rules_edit.php made changes</description>
  </updated>
  <created>
    <username>root@172.16.222.30</username>
    <time>1635232485.8618</time>
    <description>/firewall_rules_edit.php made changes</description>
  </created>
</rule>
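A check for the tag and reply-to pairing described in this thread, as an added example that is not part of the original posts: it reads rules in the layout posted above and reports, for each port forward, which gateway its replies are pinned to or what is missing. The `<rules>` wrapper, the untagged `opt2` forward, the RAMON rule without a reply-to, and the name `audit_forwards` are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample modelled on the posted rules. The <rules> wrapper, the
# opt2 forward and the missing reply-to on RAMON are assumptions for the demo.
SAMPLE = """<rules>
  <rule><interface>wan</interface><tag>GUIDO</tag><target>Gitlab</target>
    <local-port>22</local-port><destination><port>2222</port></destination></rule>
  <rule><interface>opt1</interface><tag>RAMON</tag><target>Gitlab</target>
    <local-port>22</local-port><destination><port>2222</port></destination></rule>
  <rule><interface>opt2</interface><target>Gitlab</target>
    <local-port>22</local-port><destination><port>2222</port></destination></rule>
  <rule><type>pass</type><interface>lan</interface><tagged>GUIDO</tagged>
    <direction>out</direction><reply-to>WAN_DHCP</reply-to></rule>
  <rule><type>pass</type><interface>lan</interface><tagged>RAMON</tagged>
    <direction>out</direction></rule>
</rules>"""


def audit_forwards(xml_text):
    """Return (interface, tag, gateway, finding) for each port forward."""
    root = ET.fromstring(xml_text)
    rules = root.findall(".//rule")
    # In the posted rules, port forwards carry <target>, filter rules <type>.
    forwards = [r for r in rules if r.find("target") is not None]
    # tag -> reply-to gateway of the outbound pass rule matching that tag
    pinned = {}
    for r in rules:
        if r.findtext("type") == "pass" and r.findtext("direction") == "out":
            tag = (r.findtext("tagged") or "").strip()
            if tag:
                pinned[tag] = (r.findtext("reply-to") or "").strip()
    results = []
    for f in forwards:
        iface = f.findtext("interface")
        tag = (f.findtext("tag") or "").strip()
        if not tag:
            results.append((iface, None, None, "forward sets no tag"))
        elif tag not in pinned:
            results.append((iface, tag, None, "no outbound rule matches tag"))
        elif not pinned[tag]:
            results.append((iface, tag, None, "matching rule has no reply-to"))
        else:
            results.append((iface, tag, pinned[tag], "ok"))
    return results


if __name__ == "__main__":
    for row in audit_forwards(SAMPLE):
        print(row)
```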