Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
23.1 Legacy Series
»
Help troubleshooting nat reflection
« previous
next »
Print
Pages: [
1
]
Author
Topic: Help troubleshooting nat reflection (Read 818 times)
g_man_be
Newbie
Posts: 2
Karma: 0
Help troubleshooting nat reflection
«
on:
June 20, 2023, 06:23:32 pm »
Hello all,
I have somehow the same issues as this person:
https://forum.opnsense.org/index.php?topic=14355.msg66216#msg66216
But in my case, I have already enabled all these advanced settings:
Reflection for port forwards
Reflection for 1:1
Automatic outbound NAT for Reflection
Here is a description of my network:
WAN 2 Public IPs
|
OPN (IP: 10.50.0.2)
|
VM1 => Local IP:
- 10.50.0.3/32
- 10.50.0.4/32
In opnsense I have these port forwarding rules:
- 80 and 443 => 10.50.0.3
- 587 (and other) => 10.50.0.4
And I also have these outbound rules:
- 10.50.0.3/32 => Public IP1
- 10.50.0.4/32 => Public IP2
From the VM1 (where both private IPs are attached to), I can ping all public and private IPs, no problem here. But if I curl or nc any port of the respective public IPs, I get no answer. If I do the same with the private IP it's working.
And I create this kind of rule to forward traffic through each specific private IP address:
iptables -t nat -I POSTROUTING -p all -s 172.23.0.2 ! -d 172.23.0.2 -j SNAT --to-source 10.50.0.4
I must add that this network is hosted in a German public cloud provider. Not sure this has an impact.
Based on other threads, there was a bug related to this in v17 or 18, but I am currently using this version:
OPNsense 23.1.9-amd64
Can someone help me troubleshoot this? To be honest, I don't have this much networking knowledge, so probably the answer is simple, but I don't know where to start, and how to troubleshoot this. I already looked in multiple articles in this forum and other websites but I am still blocked.
Thanks a lot for your help!
«
Last Edit: June 21, 2023, 05:51:00 pm by g_man_be
»
Logged
g_man_be
Newbie
Posts: 2
Karma: 0
Re: Help troubleshooting nat reflection
«
Reply #1 on:
June 21, 2023, 05:54:35 pm »
Hello, I changed my title, maybe it's more "attractive".
Maybe someone can give me a hint where to look, how to troubleshoot my issue? I assume it's NAT reflection because I can see the traffic going out, but never back in
Thanks a lot!
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
23.1 Legacy Series
»
Help troubleshooting nat reflection