Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
Port-forwarding does not keep the same port on reply
« previous
next »
Print
Pages: [
1
]
Author
Topic: Port-forwarding does not keep the same port on reply (Read 517 times)
zemanek
Newbie
Posts: 18
Karma: 0
Port-forwarding does not keep the same port on reply
«
on:
February 24, 2023, 01:44:23 pm »
I have a setup like this (with port-forwarding and outbound NAT):
------------------------------------
| 10.1.0.0/16 |
------------------------------------
|
|
---
|\ /|
| \ |
|/ \|
---
|
|
-----------------------------------------------------------
| 172.16.1.0/24 |
-----------------------------------------------------------
| |
| 172.16.1.55 | 172.16.1.66
--------------------- ------------------
| WAN | | |
| OPNsense | | testbox |
| | | |
--------------------- ------------------
178 9.541227 172.16.1.66 172.16.1.55 TCP 74 54634 → 443 [SYN] Seq=0 Win=62727 Len=0 MSS=8961 SACK_PERM=1 TSval=521962793 TSecr=0 WS=128
179 9.541272 172.16.1.55 10.1.100.160 TCP 74 48790 → 443 [SYN] Seq=0 Win=62727 Len=0 MSS=8961 SACK_PERM=1 TSval=521962793 TSecr=0 WS=128
180 9.543391 10.1.100.160 172.16.1.55 TCP 74 443 → 48790 [SYN, ACK] Seq=0 Ack=1 Win=62643 Len=0 MSS=8365 SACK_PERM=1 TSval=1336597102 TSecr=521962793 WS=128
181 9.543403 172.16.1.55 172.16.1.66 TCP 74 51030 → 54634 [SYN, ACK] Seq=0 Ack=1 Win=62643 Len=0 MSS=8365 SACK_PERM=1 TSval=1336597102 TSecr=521962793 WS=128
The reply to testbox is not coming from port 443 of OPNsense but from 51030, so the testbox never establishes connection. What do I have to configure to make it work in this network setup (I need any communication from 10.1.0.0/16 to appear as from 172.16.1.55 where IPsec to other site is terminated and the testbox is just to verify the rules)?
«
Last Edit: February 24, 2023, 03:22:34 pm by zemanek
»
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
Port-forwarding does not keep the same port on reply
