Topic: Help with One-to-One NAT (Read 725 times)
nebular (Newbie) on January 13, 2023, 08:55:15 pm:
Hello, I'm having trouble getting One-to-one NAT working for me.
Here's my setup: I have 3 servers running ESXi 7 (let's call them server1-3). All 3 are connected to a dedicated switch and only server1 has a connection to the main network (corporate and internet). I have an OPNsense VM running on server1 to deal with access to the main network. My subnet on the main network is 10.158.0.0/24 and I can use any of the 254 IPs.
What I want to do is give full access to the management interfaces of the other two servers to the main network. I'm starting with just one. I'd like 10.158.0.21 to go directly to server2's management IP.
On server2 I have a VMkernel NIC set up for management with IP 192.168.1.21. On server1 I set up two port groups, 'Lab DMZ Internal' and 'Lab DMZ External'. External is connected to the vSwitch with uplinks to the main network and Internal is connected to the vSwitch with uplinks to the network between the 3 routers. The OPNsense VM has 4 interfaces: the original WAN and LAN (subnet 192.168.0.0/24) for regular access to the internet, and then Lab2Internal (assigned to the Lab DMZ Internal port group) and Lab2External (assigned to Lab DMZ External). Lab2External has a static IP of 10.158.0.21, Lab2Internal has a static IP of 192.168.1.1 (but I have tried it without any IP as well).
I've tested with pass rules and can access the GUI interface from both 10.158.0.21 and 192.168.1.21, so traffic is getting to the VM from both interfaces. However, I can't seem to get it to just simply NAT literally everything from 'Lab DMZ External' to 'Lab DMZ Internal'.
Could someone either direct me to a guide that makes how to do this painfully clear or give me the steps here? I would be forever grateful.
FraLem (Jr. Member), Reply #1 on January 14, 2023, 09:18:02 am:
Hi there,
I don't think I get your idea correctly. If One-to-One NAT is what you need, you just need to create an IP Alias address on the interface of Server1 facing the main network (10.158.0.21) and add the One-to-One NAT rule 10.158.0.21 to 192.168.1.21.
Hope this helps.
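
The mapping described in the reply above, written as a sketch in pf.conf syntax (pf is the packet filter OPNsense configures). This is an added example, not part of either post and not the ruleset OPNsense generates; the device names vmx2 and vmx3 and the choice to limit the source to the 10.158.0.0/24 subnet are assumptions.

```conf
# Added sketch, not OPNsense's generated ruleset. Device names are assumed.
ext_if   = "vmx2"           # assumed device behind Lab2External
int_if   = "vmx3"           # assumed device behind Lab2Internal
ext_ip   = "10.158.0.21"    # address on the main network (from the thread)
srv_ip   = "192.168.1.21"   # server2 management address (from the thread)
mgmt_net = "10.158.0.0/24"  # main-network subnet (from the thread)

# One-to-one NAT. binat is bidirectional:
#   inbound on ext_if:  destination ext_ip -> srv_ip
#   outbound on ext_if: source srv_ip      -> ext_ip
binat on $ext_if from $srv_ip to any -> $ext_ip

# Translation is applied before filtering, so the pass rule on the
# external interface must match the internal address, not 10.158.0.21.
block in log on $ext_if
pass in on $ext_if inet from $mgmt_net to $srv_ip keep state

# Let the translated traffic leave towards server2.
pass out on $int_if inet from $mgmt_net to $srv_ip keep state

# To narrow access, add "proto tcp" and a "port { ... }" list to the
# pass rules instead of passing every protocol.
```

Two things this makes visible for the setup in the question: if 10.158.0.21 is the interface's own primary address rather than an alias, everything sent to it, including the OPNsense GUI, is translated to server2; and server2 needs a route back through 192.168.1.1 for replies to reach the firewall.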