Hairpin NAT issues

Started by peoriait, November 07, 2023, 07:28:57 PM

Hi everyone, I just wanted to put this here because it took me a while to figure out how to resolve this.

When I install OPNsense from scratch and set up my reverse proxy, everything works perfectly fine externally.

However, all my local clients cannot access any of the services via the external domain names due to some firewall issues.

So after digging around forever and playing with some things, I discovered what I needed to do was enable the NAT reflection options in the Firewall > Settings > Advanced section, AS WELL AS edit my NAT rules to also include the LAN on the interface along with the WAN.

Once I added the LAN interface to the NAT rules, it all works perfectly! It makes sense, as that would make the rule match since the traffic is also on the interface.

I hope this saves someone else as big of a headache as I had trying to figure this out!

Cheers!

Hello, welcome, and good job at finding that out by yourself. :)

It's a little convoluted, that's why I wrote a doc about it recently.

https://docs.opnsense.org/manual/how-tos/nat_reflection.html
Hardware:
DEC740