Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
High availability
»
[SOLVED] Complex multi-wan (one internal service available via one WAN only)
« previous
next »
Print
Pages: [
1
]
Author
Topic: [SOLVED] Complex multi-wan (one internal service available via one WAN only) (Read 832 times)
ozpac
Newbie
Posts: 8
Karma: 1
[SOLVED] Complex multi-wan (one internal service available via one WAN only)
«
on:
March 25, 2024, 01:01:16 pm »
Is it possible to host a public file server from just one specific WAN gateway when I have two WAN gateways attached?
See attached diagram.
My two WAN connections:
- WAN1: IPv6 with a static public IP address, plus IPv4 using CGnat (no public IP address)
- WAN2: IPv4 with a static public IP address, no IPv6
I have these configured in OPNSense as a fail-over multi-WAN group with WAN1 as primary.
The problem is that I have external clients who need to reach the file server but they themselves are on IPv4-only connections and therefore cannot reach the fileserver which spends 99% of its time on the IPv6 connection only.
Is there a way to allow external IPv4 clients to reach that internal file server while keeping the fail over multi-wan policy in place?
«
Last Edit: April 04, 2024, 12:59:40 pm by ozpac
»
Logged
ozpac
Newbie
Posts: 8
Karma: 1
Re: Complex multi-wan (one internal service available via one WAN only)
«
Reply #1 on:
March 31, 2024, 10:21:31 pm »
Are VLANs the answer?
Logged
ozpac
Newbie
Posts: 8
Karma: 1
Re: Complex multi-wan (one internal service available via one WAN only)
«
Reply #2 on:
April 04, 2024, 12:57:21 pm »
Solved:
- DNS: your.domain:
- A record points to WAN2 IPv4 public address
- Static Route:
- Not needed
- Firewall > NAT > Port Forward > + Add
Interface: WAN2
TCP/IP Version: IPv4
Protocol: TCP
Destination: This Firewall
Destination Port Range: <port> -> <port>
Redirect target IP: <file_server>
Redirect target port: <port>
NAT reflection: Use system default [enabled]
- Firewall > Rules > LAN >+ Add
Action: Pass
Interface: LAN
Direction: in
TCP/IP Version: IPv4
Protocol: TCP
Source: <file_server>
Destination: any
Destination port ranges: any -> any
Gateway: WAN2
- Firewall > Rules > WAN2 > + Add
This will get automatically created:
Protocol: IPv4, TCP
Destination: <file_server> : <port>
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
High availability
»
[SOLVED] Complex multi-wan (one internal service available via one WAN only)