Forward local port to WAN Bridge

Started by teclab, January 15, 2026, 05:40:21 PM

You need an OUTBOUND NAT rule on your WAN interface not a port forward. No destination port, no translation port, just NAT all outbound traffic towards the modem to the alias address.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)

Guys, I appreciate your support. But searching for 'outbound' I find:
Quote:
Outbound NAT (Network Address Translation) changes the source IP address of traffic leaving a private local network (like your home or business network) to a public IP address as it goes out to the internet, allowing multiple devices to share one public IP and enabling internet access.

Why do I want to change (hide) the source IP?

I only wanted to reach a single IP on a single port on the WAN side. What's wrong with port mapping?

Today at 07:12:52 PM #17 Last Edit: Today at 07:16:09 PM by Patrick M. Hausen
Quote from: teclab on Today at 06:45:12 PM
Why do I want to change (hide) the source IP?

Because your modem does not know how to reach your source IP. So you NAT to an IP in the same network.

Quote from: teclab on Today at 06:45:12 PM
What's wrong with port mapping?

It doesn't work the way you think it works. With outbound NAT you can reach your modem.

Or spend more pointless hours. You do you.

Quote from: teclab on Today at 06:45:12 PM
Why do I want to change (hide) the source IP?

The original source IP is from your PC in the LAN. So it's something in 10.x.x.x.

When you access the modem from this IP, it will send responses back to it.
However, as Patrick mentioned, your modem doesn't know that this is behind the OPNsense, and therefore it will send the response to its default gateway, which might be somewhere on your ISP's site.

With the suggested outbound NAT rule, OPNsense translates the source IP of the respective traffic into its own virtual IP, which is in the same subnet as the modem and hence it can send back responses properly.
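
The return-path reasoning in the replies above, as an added example that is not part of any post in the thread: a small model of the modem's reply routing and of an outbound NAT state table. All addresses and ports (192.168.100.0/24, 10.0.0.50, port 443) are constructed sample values, and the class and function names are hypothetical.

```python
import ipaddress

# Constructed sample addressing (assumptions, not taken from the thread).
MODEM_NET = ipaddress.ip_network("192.168.100.0/24")  # modem management subnet
MODEM_IP = ipaddress.ip_address("192.168.100.1")      # modem web interface
ALIAS_IP = ipaddress.ip_address("192.168.100.2")      # OPNsense virtual IP on WAN
LAN_PC = ipaddress.ip_address("10.0.0.50")            # client behind OPNsense


def modem_reply_path(reply_dst):
    """The modem has no route to the LAN: anything outside its own subnet
    goes to its default gateway instead of back to OPNsense."""
    return "on-link" if reply_dst in MODEM_NET else "default-gateway"


class OutboundNat:
    """Source NAT towards the modem, with a state table for return traffic."""

    def __init__(self, translate_to):
        self.translate_to = translate_to
        self.states = {}        # (nat_ip, nat_port, dst, dport) -> (src, sport)
        self.next_port = 40000  # constructed starting port for translations

    def outbound(self, src, sport, dst, dport):
        nat_port, self.next_port = self.next_port, self.next_port + 1
        self.states[(self.translate_to, nat_port, dst, dport)] = (src, sport)
        return (self.translate_to, nat_port, dst, dport)

    def inbound(self, src, sport, dst, dport):
        # A reply is the mirror image of a translated outbound packet.
        return self.states.get((dst, dport, src, sport))


def round_trip(use_nat):
    """Return the (ip, port) on the LAN that receives the modem's reply,
    or None when the reply never comes back through OPNsense."""
    nat = OutboundNat(ALIAS_IP)
    pkt = (LAN_PC, 51000, MODEM_IP, 443)
    if use_nat:
        pkt = nat.outbound(*pkt)
    src, sport, dst, dport = pkt
    if modem_reply_path(src) != "on-link":
        return None  # reply is handed to the modem's default gateway
    return nat.inbound(dst, dport, src, sport)


if __name__ == "__main__":
    print("without outbound NAT:", round_trip(False))
    print("with outbound NAT:   ", round_trip(True))
```
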