NAT - Port Forward - Filter Rule Association not working

[donkeyhero]

I recently posted about this issue when I tried to do DNS Redirect with NAT->Port Forward here: https://forum.opnsense.org/index.php?topic=9245.msg198030#msg198030

In that thread, I mentioned that the Rule only works when then Filter Rule Association is set to Pass for all entries that require Destination/Invert

• .

The resulting rule that is created with the Associated/Unassociated are both not able to be edited under the respective interface under the Filter Rule section. Furthermore, the original setting for Destination/Invert

• is NOT carried over to the Filter Rule section for the respective interface so what ends up happening is that it makes it look like the original NAT Rule does not have the Destination/Invert[ ] checked. It should be !DEST but instead it shows up under Filter Rule as regular DEST.

Unassociated Rule under the Full Text Help says that it can be edited separately in the Filter Rule section but that's not the case as it is identical to Associated Rule where it cannot be edited at all.

Only way I got it to work was to set the Filter Rule Association to Pass. This is a loss of functionality for the other two options which has Associated/Unassociated for the aforementioned issues. I might be missing something here as I am a first-time user of OpnSense but the DNS Redirection instructions found here and Reddit or on the Home Network Guy website would not work unless I did what I had to do above.

[hushcoden]

Hi,

do you mind to share a screenshot of both the NAT port forward rule and the the firewall -> LAN rule?

Tia.