[SOLVED] NAT Outbound doesn't translate IP & PORT

Started by nono, December 19, 2022, 02:51:08 PM

December 19, 2022, 02:51:08 PM Last Edit: December 20, 2022, 04:17:37 PM by nono
Hi there,

I'm trying to set up WireGuard on OPNsense, which is behind a router acting as gateway.

The WAN interface has an IP: 100.127.0.10/30 and GW: 100.127.0.9
The public IP is set (as a Virtual IP on the WAN interface) and is 45.2.2.2

Meaning that when I connect to public_IP:51820 to reach my WireGuard, I would normally need to create a NAT Outbound rule as follows:
Interface: WAN
Source Port: 51820
Translated Address: Public_IP
NAT Port: 51820
Static port: YES

However, it seems that I can't translate both the IP & the PORT, as seen in the following results:

This works:
100.127.0.10:51820 -> 1.2.3.4:51820 // Dummy IP, good port
This works:
100.127.0.10:51820 -> 45.2.2.2:1234 // Good IP, dummy port
This does not work:
100.127.0.10:51820 -> 45.2.2.2:51820 // Good IP, good port

So I can translate either the IP (with the good port) or the good port (with the wrong/dummy IP).

Am I missing something?

I found the solution here: https://forum.opnsense.org/index.php?topic=19327.0
I had to have ONLY a Port Forwarding rule, as follows:
Interface: WAN
Protocol: UDP
Destination: 45.2.2.2 (public ip)
Destination port: 51820
Redirect target IP: 100.127.0.10 (WAN IP)
Redirect target port: 51820