Inbound NAT keep source address

Started by Marco98, November 22, 2020, 03:11:31 PM

Hi,
I've migrated my infrastructure to OPNsense.
I'm trying to configure a Destination NAT rule that should look like this:


interface: wan
proto: udp
src-ip: any
src-port: any
dst-ip: "WAN address"
dst-port: 123
redir-address: "WAN address"
redir-port: 51820

This should provide an alternative port for incoming WireGuard roadwarrior connections (WAN).
However, I cannot configure the configuration I had previously because of the following issues:

  • I cannot set redir-address in OPNsense to "WAN address" to keep the dst-address in the incoming packets.
  • I cannot set the redir-address to the current WAN-IPv4 address, because the address is dynamic and will change periodically.
  • I cannot change the listening Wireguard port to 123 as this would break incoming NTP used on LAN-side.

Is there any way to just redirect the dst-port without rewriting the destination address, or can I set the redir-address automatically to the current WAN address?
Many thanks for any suggestions.