"Outbound" NAT is broken after restart

Started by jle, May 12, 2026, 09:54:26 PM

Good evening,

In my setup, "Outbound" NAT is set as "Automatic outbound NAT rule generation". I think that's the default setting.

Therefore all packets from private LANs are supposed to be SNAT'ed with the appliance's WAN-facing IP address.

However, after a restart of my OPNsense VM, that outbound NAT is not applied. Packets from internal devices (all of them behind a WireGuard tunnel) leave the OPNsense VM's WAN-facing interface with their private IP address as the packet source.

Clicking (without any change to the configuration!) the "Apply" button in Firewall > Rules [new], or in Firewall > NAT > Outbound, restores the expected behaviour: packets from internal LANs are SNAT'ed.

That behavior is seen with 26.1.7 and 26.1.8 and is reproducible after each restart.

Could this be a misconfiguration, or would that be a bug instead?

Thank you for your feedback.
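
One way to confirm the symptom described in the post above from a capture taken on the WAN interface (added example, not part of the original post): the script reads `tcpdump -n` text output and flags IPv4 packets whose source is still an RFC 1918 address. The WAN address `203.0.113.10` and the sample capture lines are constructed for illustration.

```python
import ipaddress
import re

# RFC 1918 ranges. Python's is_private is avoided on purpose: it also
# matches documentation ranges such as 203.0.113.0/24.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Matches "IP <src> > <dst>:" in tcpdump -n output; "IP6" lines do not match.
LINE_RE = re.compile(r"\bIP (\S+) > (\S+?):")


def _addr(token):
    """Drop the trailing .port tcpdump appends for TCP/UDP; return the IPv4 address."""
    return ipaddress.ip_address(".".join(token.split(".")[:4]))


def unnatted_packets(lines, wan_ip):
    """Return (src, dst) for packets seen on WAN whose source was not translated."""
    wan = ipaddress.ip_address(wan_ip)
    leaks = []
    for line in lines:
        m = LINE_RE.search(line)
        if not m:
            continue
        try:
            src, dst = _addr(m.group(1)), _addr(m.group(2))
        except ValueError:
            continue  # not a parsable IPv4 pair
        # src != wan keeps this usable when the WAN itself sits on a private net.
        if src != wan and any(src in net for net in RFC1918):
            leaks.append((str(src), str(dst)))
    return leaks


# Constructed sample lines in tcpdump -n format.
SAMPLE = [
    "21:54:26.100001 IP 10.10.0.5.51514 > 198.51.100.7.443: Flags [S], seq 1, length 0",
    "21:54:26.100300 IP 203.0.113.10.40112 > 198.51.100.7.443: Flags [S], seq 2, length 0",
    "21:54:26.100900 IP 198.51.100.7.443 > 203.0.113.10.40112: Flags [S.], seq 3, length 0",
    "21:54:27.000000 IP 192.168.1.20 > 198.51.100.9: ICMP echo request, id 1, seq 1, length 64",
    "21:54:27.200000 IP6 2001:db8::1.443 > 2001:db8::2.50000: Flags [.], length 0",
]

if __name__ == "__main__":
    for src, dst in unnatted_packets(SAMPLE, "203.0.113.10"):
        print(f"untranslated source {src} -> {dst}")
```

Running it against a capture taken right after boot and again after clicking "Apply" shows whether the private sources disappear once the rules are reloaded.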