SUBNET NAT

Started by Math43, March 06, 2019, 04:15:18 PM

March 06, 2019, 04:15:18 PM Last Edit: March 06, 2019, 05:24:22 PM by Math43
Hello,

I've got the following network (simplified, I've got many more networks on the right side)

172.18.3.0/24<----->.150 vmx0[OPNSENSE BOX]vmx8_vlan2595 .150<---->192.168.151.0/24

I'm trying to NAT the whole 192.168.151.0/24 to another subnet (10.155.0.0/24) because I'm not able to readdress this network.

I need to set up
- a source NAT to replace the source IP with the vmx8_vlan2595 IP
- a destination NAT to translate the 10.155.0.0/24 destination IP to the real 192.168.151.0/24 IP.

Rules extract from pfctl:
nat on vmx8_vlan2595 inet from any to 10.155.0.0/24 -> 192.168.151.150 port 1024:65535
rdr pass log on vmx0 inet from any to 10.155.0.0/24 -> 192.168.151.0/24

For now it's not working. The same configuration is working on a Sophos firewall.

Iptables extract from Sophos:
Chain fw6_nat_out (1 references)
pkts bytes target                prot opt in     out     source               destination          optimization
    0     0 RANGENAT              all  --  *      *       0.0.0.0/0            0.0.0.0/0           skip_ip_match       hostset --dstid 405  RANGENAT --from 10.155.0.1-10.155.0.254 --to 192.168.151.1-192.168.151.254

Chain fw6_nat_pre (1 references)
pkts bytes target                prot opt in     out     source               destination          optimization
    0     0 RANGENAT              all  --  *      *       0.0.0.0/0            0.0.0.0/0           skip_ip_match        ENTITY MATCH  --fwruleid 6 hostset --dstid 405  RANGENAT --from 10.155.0.1-10.155.0.254 --to 192.168.151.1-192.168.151.254


Regards,
Mathieu
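
The translation described in the post above, worked through as an added example (not part of the original post and not OPNsense or Sophos code): it computes the addresses each packet should carry after the destination NAT and the source NAT, which gives expected values to compare against a packet capture on vmx0 and vmx8_vlan2595. The client address 172.18.3.20 and the function names are assumptions; the networks and the .150 firewall address come from the post.

```python
import ipaddress

# Networks and firewall address are taken from the post; function names are hypothetical.
VIRTUAL = ipaddress.ip_network("10.155.0.0/24")      # addresses the clients target
REAL = ipaddress.ip_network("192.168.151.0/24")      # network that cannot be readdressed
FW_INSIDE = ipaddress.ip_address("192.168.151.150")  # vmx8_vlan2595 address


def map_host(addr, src_net, dst_net):
    """Swap the network bits of addr from src_net to dst_net, keeping the host bits."""
    addr = ipaddress.ip_address(addr)
    if src_net.prefixlen != dst_net.prefixlen:
        raise ValueError("a 1:1 mapping needs equal prefix lengths")
    if addr not in src_net:
        raise ValueError(f"{addr} is not in {src_net}")
    host_bits = int(addr) & int(src_net.hostmask)
    return ipaddress.ip_address(int(dst_net.network_address) | host_bits)


def translate_forward(src, dst):
    """Packet entering on vmx0: destination NAT, then source NAT on egress.

    The original source is replaced by the firewall address whatever its value.
    Returns the (source, destination) seen on the 192.168.151.0/24 side.
    """
    real_dst = map_host(dst, VIRTUAL, REAL)
    return FW_INSIDE, real_dst


def translate_reply(orig_client, real_src):
    """Reply from the real host: both translations are reversed.

    Returns the (source, destination) the client on the vmx0 side should see.
    """
    virtual_src = map_host(real_src, REAL, VIRTUAL)
    return virtual_src, ipaddress.ip_address(orig_client)


if __name__ == "__main__":
    client = "172.18.3.20"  # constructed sample client on the vmx0 side
    for virtual in ("10.155.0.1", "10.155.0.37", "10.155.0.254"):
        src, dst = translate_forward(client, virtual)
        r_src, r_dst = translate_reply(client, dst)
        print(f"{client} -> {virtual} becomes {src} -> {dst}; "
              f"reply reaches the client as {r_src} -> {r_dst}")
```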