Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
23.7 Legacy Series
»
Change when/how NAT rule applies
« previous
next »
Print
Pages: [
1
]
Author
Topic: Change when/how NAT rule applies (Read 733 times)
danderson
Full Member
Posts: 107
Karma: 9
Change when/how NAT rule applies
«
on:
August 14, 2023, 11:55:19 pm »
So I have 1 subnet that I want to use 2 different outbound NAT rules at different times, I have tried setting the FW rule and the outbound nat rule using the Set local tag and Match local tag options, but it doesnt seem to work.
Ideas or thoughts, im trying to have it apply to ANY ANY in the nat rule based on the traffic selected by specific FW rules.
Logged
Maurice
Hero Member
Posts: 1213
Karma: 158
Re: Change when/how NAT rule applies
«
Reply #1 on:
August 15, 2023, 12:41:19 am »
What doesn't work? Firewall rule scheduling or tag matching in the outbound NAT rules?
Did you add the firewall rules to the LAN interface (pass in)?
Did you disable automatic outbound NAT rule generation?
Cheers
Maurice
Logged
OPNsense virtual machine images
OPNsense aarch64 firmware repository
Commercial support & engineering available. PM for details (en / de).
danderson
Full Member
Posts: 107
Karma: 9
Re: Change when/how NAT rule applies
«
Reply #2 on:
August 15, 2023, 01:12:09 am »
its the tag matching in the outbound rule.
Yes tag FW rule is on LAN pass in with the set local tag to XXXYYYZZ
Then on the outbound nat its set to match local tag XXXYYYZZ
But it still uses the default nat.
Automatic outbound it set to hybrid as the manual rules apply 1st. Also the nat rule im using the tag matching on is above the regular outbound nat that I use for all the subnets. Ive even tried changing the order.
I see in the logs that it hits the FW rule, but doesnt use the NAT rule with tag matching. If I change the NAT rule to use the source subnet it works fine
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
23.7 Legacy Series
»
Change when/how NAT rule applies
