NAT reflection causes local interface to be treated the same as WAN

Started by sesquipedality, April 21, 2020, 04:26:55 PM

I have an OPNsense router on 192.168.10.1 and several NAT rules set up similar to the following:

Interface: WAN
Destination: WAN IP
Port: 2222
Target: 192.168.10.100
Target Port: 2222

When I try to connect to port 2222 on the router from inside the network (i.e. from 192.168.10.50 to 192.168.10.1), the request is redirected to the NAT machine 192.168.10.100.

Port reflection and automatic outbound NAT for reflection are enabled. Turning these off stops this behaviour.

This is not desired behaviour. Is it an inevitable consequence of port reflection? If so, I will just put all of my external names in the Unbound overrides and turn off reflection, as this will largely achieve what I want, but for testing and consistency purposes I would prefer that DNS resolve to the same values inside and outside of the LAN.

No, this is exactly what it is for. NAT reflection is disabled by default, so this is correct. NAT reflection is the same as hairpinning, which is what other vendors call it. It allows you to reach an external port forward from the inside network.