NAT rules don't work when connected to LAN

Started by sc0ttjm, October 26, 2022, 01:57:01 PM

October 26, 2022, 01:57:01 PM Last Edit: October 26, 2022, 02:52:04 PM by sc0ttjm
We have some NAT Rules on our OPNsense firewall to redirect CCTV browser traffic to the correct NVR depending on the port used.

E.g. 1.2.3.4:8087 redirects to internal IP 10.0.0.1:80 & 1.2.3.4:8088 redirects to internal 10.0.0.2:80

This works fine externally, but when somebody with a laptop comes into the office and plugs into the network, the shortcut they have to the CCTV system in their browser no longer works.
They get a generic error "This site can't be reached [sitename.co.uk] took too long to respond."

I can't work out a way to get around this, please could somebody help me?

Thanks


Found the solution elsewhere:

Firewall > Settings > Advanced

Turned on these 3 settings under "Network Address Translation"

  • Reflection for port forwards
  • Reflection for 1:1
  • Automatic outbound NAT for Reflection

Now all working as expected.
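
An added illustration, not part of the original posts and not OPNsense code: a small Python model of why the port forwards from the first post time out from inside the LAN, and what "Reflection for port forwards" and "Automatic outbound NAT for Reflection" each change. The /24 LAN, the firewall LAN address 10.0.0.254, the laptop address 10.0.0.50 and the external client 203.0.113.7 are assumptions.

```python
import ipaddress

WAN_IP = "1.2.3.4"                                    # public address from the post
PORT_FORWARDS = {8087: ("10.0.0.1", 80),              # forwards from the post
                 8088: ("10.0.0.2", 80)}
LAN_NET = ipaddress.ip_network("10.0.0.0/24")         # assumed LAN subnet
FW_LAN_IP = "10.0.0.254"                              # assumed firewall LAN address


def connect(client_ip, dst_port, iface, reflection=False, reflection_nat=False):
    """Trace one TCP connection to WAN_IP:dst_port and return the outcome.

    iface is the firewall interface the packet arrives on ("wan" or "lan").
    """
    # Port forwards are bound to the WAN interface. Reflection adds
    # equivalent redirects for traffic arriving from the internal network.
    if iface == "lan" and not reflection:
        return "timeout: not redirected, nothing answers on the firewall's WAN address"
    if dst_port not in PORT_FORWARDS:
        return "timeout: no port forward for this port"
    nvr_ip, nvr_port = PORT_FORWARDS[dst_port]

    # Outbound NAT for reflection rewrites the source to the firewall,
    # so the NVR answers the firewall instead of the laptop.
    src_seen = FW_LAN_IP if (iface == "lan" and reflection_nat) else client_ip

    # If the NVR sees a source in its own subnet that is not the firewall,
    # it replies directly and the reverse translation never happens.
    direct_reply = (ipaddress.ip_address(src_seen) in LAN_NET
                    and src_seen != FW_LAN_IP)
    if direct_reply:
        return (f"timeout: reply comes from {nvr_ip}:{nvr_port}, "
                f"client expected {WAN_IP}:{dst_port}")
    return f"ok: {nvr_ip}:{nvr_port}"


if __name__ == "__main__":
    cases = [
        ("external client", ("203.0.113.7", 8087, "wan", False, False)),
        ("laptop on LAN, defaults", ("10.0.0.50", 8087, "lan", False, False)),
        ("laptop, reflection only", ("10.0.0.50", 8088, "lan", True, False)),
        ("laptop, reflection + outbound NAT", ("10.0.0.50", 8088, "lan", True, True)),
    ]
    for label, args in cases:
        print(f"{label:36} -> {connect(*args)}")
```

With outbound NAT for reflection active, the NVRs see these connections as coming from the firewall's LAN address, so their access logs no longer show which internal client connected.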