Packets from OPNSense to LAN IP addresses showing incorrect source address

Started by simonwoodhall, October 28, 2023, 06:19:38 PM

Hi there,

I'm after a bit of advice on why my OPNSense firewall can't ping devices on the LAN subnet. If I look at the firewall logs, I can see it's sending them using the WAN public IP as the source address, not the LAN IP. It's hitting the automatic rule 'let out anything from firewall host itself (force gw)', which allows it.

It's a pretty straightforward configuration. One LAN interface, one PPPoE WAN interface and an OpenVPN client which is used by some policy routing.

If I enable 'Disable automatic rules which force local services to use the assigned interface gateway.', it can then ping LAN devices OK, but I am not confident I understand the implications of disabling those.

Is there anything else I need to consider after disabling those automatic rules?

Thanks