Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
18.1 Legacy Series
»
Strange issue with NAT Rule Cloning
« previous
next »
Print
Pages: [
1
]
Author
Topic: Strange issue with NAT Rule Cloning (Read 3783 times)
MasterXBKC
Jr. Member
Posts: 66
Karma: 6
Infragard Member
Strange issue with NAT Rule Cloning
«
on:
March 20, 2018, 12:48:38 am »
So here is a bizarre one i have just discovered.
I have a opnsense vm on VMware ESXi, with a number of virtual machines behind it, it holds 2 wan ips.
I had a bunch of rules going to VM-A at 10.0.0.2, for ssh, http, https, etc.
So i needed the same rules for the new vm, which is VM-B, so i added the second IP as a virtual ip, and then cloned each of the nat rules and on each new copy swapped the wan address for the new virtual ip, and changed the redirect ip to 10.0.0.3. Saved, and applied.
None of the nat rules worked, the VM was in-accessible from the wan side completely. i re-verified all the settings several times, but all attempts to reach VM-B via the new virtual ip were refused.
So i deleted the rules and created them again the same way, and ended up in the same situation.
As a last ditch effort, i deleted all the rules for VM-B again, and instead of using the clone button, I created them all manually for VM-B, and now they all work the first time.
Something in the cloning of a NAT rule is not working properly.... But everything looks proper in the GUI.
Logged
Member of FBIs Infragard Program
Certified Information Systems Security Officer
Certified Vulnerability Assessor
PFMonitor Remote Management, Backup, & Live Monitoring for PFSense and OPNSense
OPNSense Units: R720XD XL, R720XD XL, R720XD, R720XD, R710, DL360G7, QNAP
dcol
Hero Member
Posts: 635
Karma: 51
Re: Strange issue with NAT Rule Cloning
«
Reply #1 on:
March 20, 2018, 10:24:46 pm »
One issue I ran into was cloning a NAT PF rule would not create an associate firewall rule.
Logged
MasterXBKC
Jr. Member
Posts: 66
Karma: 6
Infragard Member
Re: Strange issue with NAT Rule Cloning
«
Reply #2 on:
March 28, 2018, 12:45:18 am »
any news?
Logged
Member of FBIs Infragard Program
Certified Information Systems Security Officer
Certified Vulnerability Assessor
PFMonitor Remote Management, Backup, & Live Monitoring for PFSense and OPNSense
OPNSense Units: R720XD XL, R720XD XL, R720XD, R720XD, R710, DL360G7, QNAP
marjohn56
Hero Member
Posts: 1701
Karma: 179
Re: Strange issue with NAT Rule Cloning
«
Reply #3 on:
March 28, 2018, 09:39:16 am »
Has a bug report ( Issue ) been raised on Github?
Logged
OPNsense 24.7
-
Qotom Q355G4
- ISP -
Squirrel 1Gbps
.
Team Rebellion Member
- If we've helped you remember to applaud
marjohn56
Hero Member
Posts: 1701
Karma: 179
Re: Strange issue with NAT Rule Cloning
«
Reply #4 on:
March 28, 2018, 06:56:55 pm »
Out of interest did you have a look at the rules.debug to see what was showing there?
Logged
OPNsense 24.7
-
Qotom Q355G4
- ISP -
Squirrel 1Gbps
.
Team Rebellion Member
- If we've helped you remember to applaud
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
18.1 Legacy Series
»
Strange issue with NAT Rule Cloning