Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
Port nating
« previous
next »
Print
Pages: [
1
]
Author
Topic: Port nating (Read 2514 times)
boni127
Newbie
Posts: 15
Karma: 0
Port nating
«
on:
February 17, 2019, 01:12:02 pm »
Hi,
i have a Vigor 130 as vdsl+ Modem on my opnsense connected to the interface igb0.
So i configured a point-to-point Interface on the physical interface igb0. Everything works fine :-)
The vigor has an administration-interface at the ip 192.168.1.1 and i want to reach this interface from my local network 192.168.5.0/24.
For this purpose i switched the Outbound-NAT (Firewall: NAT: Outbound) from "Automatic outbound NAT rule generation" to "Hybrid outbound NAT rule generation" and added an new rule:
Interface Source Source Port Destination Destination Port NAT Address NAT Port Static Port Description
Vigor LAN net * Vigor net * Vigor address * NO
Vigor.: Interface igb0
LAN net. : 192.168.5.0/24
Vigor net : 192.168.1.0/24
but i can't reach the vigor.
Then i changed the Destination from Vigor-Net to the ip of the vigor and it worked.
Vigor LAN net * 192.168.1.1/32 * Vigor address * NO
Then i changed the destination from 192.168.1.1/32 to 192.168.1.0/24, and it worked too.
So im confused, isn't the destination "Vigor net" similar to the network-address 192.168.1.0/24
Thanks for every explanation.
Detlev.
Logged
bartjsmit
Hero Member
Posts: 2018
Karma: 194
Re: Port nating
«
Reply #1 on:
February 17, 2019, 01:30:55 pm »
Hi Detlev,
I have an identical setup and have set my translation target to 'interface address' and source to 'LAN Net' with all others set to *
I also have a separate outbound NAT rule to cover my VPN tunnel range.
Bart...
Logged
boni127
Newbie
Posts: 15
Karma: 0
Re: Port nating
«
Reply #2 on:
February 17, 2019, 05:15:38 pm »
Hi Bart,
thanks for your answer. I Think in this case, it's just the same: target interface address and target vigor address.
Bye
Detlev.
Logged
amflow
Newbie
Posts: 1
Karma: 0
Re: Port nating
«
Reply #3 on:
March 18, 2019, 12:31:23 pm »
I would like to take up the topic again.
I put the NAT mode on hybrid and inserted the following NAT rule as shown in the attached picture.
It is not working.
I have created an interface named "ModemAccess" on re0 where WAN access already is and assigned the static IP address 192.168.1.2/24.
Is it a firewall rule that can block here? I have already added a firewall rule that allows access from "LAN" to "ModemAccess net".
Greetings
Florian
Logged
hbc
Hero Member
Posts: 501
Karma: 47
Re: Port nating
«
Reply #4 on:
March 18, 2019, 02:35:56 pm »
Quote
So im confused, isn't the destination "Vigor net" similar to the network-address 192.168.1.0/24
I think it is a bug, that prevents aliases to be used in port forwardings.
see:
https://forum.opnsense.org/index.php?topic=12002.0
Should be solved with 19.1.5
Logged
Intel(R) Xeon(R) Silver 4116 CPU @ 2.10GHz (24 cores)
256 GB RAM, 300GB RAID1, 3x4 10G Chelsio T540-CO-SR
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
Port nating