Understanding Virtual IPs

[hushcoden]

I've created a VIP (see picture) on a different subnet than my LAN net (192.168.0.1/24), and I can't understand how to make that IP visible (the modem I need to reach is on 192.168.2.1) e.g. pingable from a device within my LAN: could someone  please guide me?

I believe I have to create an NAT outbound rule, what exactly?

Tia.

[cookiemonster]

Needs to be on the internal interface, not WAN as it appears on the screenshot.

[hushcoden]

Ah I see, and then I just need a firewall rule on LAN interface with source LAN net and destination 192.168.2.1/24 and that's it, no NAT outbound rule ?

I need to access the modem GUI through the WAN cable between the OPNsense device and the modem itself.

[cookiemonster]

The only one I have I've put in the same subnet so didn't need any rules but your guess is what I would expect to have to do.

[hushcoden]

The point is that I don't know how to do that, how my LAN device can see the modem ??

[cookiemonster]

Oh wait, WAN might have been correct. Modem is on the WAN side, right? That is, the modem is on 192.168.2.1 and your LAN is 192.168.0.1/24. Had to re-read your first post, sorry.
Are you able to follow this https://forum.opnsense.org/index.php?topic=33497.msg162897#msg162897

[hushcoden]

Yes, modem is on the WAN and thanks for the link, I'm going to check that.

[hushcoden]

So, I managaed to make it working following that guide, but in Firewall: Log Files: Live View I see lots of requests coming from 0.0.0.0 - what does it mean?

Tia.

[hushcoden]

Could someone guide me on how to troubleshoot this?

Tia.

[Monviech (Cedrik)]

Source: 0.0.0.0
Destination: 255.255.255.255
Port: 4944
Protocol: UDP

The modem tries to tell the router the status of its DSL Line via Broadcast message. That can safely be ignored or you turn off that your modem does this.

Reference:
https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
4944    No    Unofficial          DrayTek DSL Status Monitoring[221]

[hushcoden]

@Monviech  A big, fat THANK YOU!

[hushcoden]

And another question: I'm experiencing an annoying issue, i.e. after enabling the Modem_GUI interface I have no Internet connection at all, why on earth is this ? 

I've attached the configuration.

[Monviech (Cedrik)]

Maybe you have a rogue gateway that gets enabled when you enable the interface? Try to check your gateways and give your upstream ones a higher priority (for example 240).

[hushcoden]

I've attached the gateways - my understanding is that the first one has been created as in the Moded_GUI interface I've checked the option Dynamic gateway policy but I don't know if I should checked it or not ?

And if so, should I change the MODEM GUI gateway priority from 254 to 240 ?

Besides, as for the NAT Outbound rule, should I select the option 'Static Port' ??
Thanks.