OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 16.1 Legacy Series »
  • NAT Routing
« previous next »
  • Print
Pages: [1]

Author Topic: NAT Routing  (Read 13096 times)

eddys

  • Newbie
  • *
  • Posts: 2
  • Karma: 0
    • View Profile
NAT Routing
« on: May 17, 2016, 11:15:02 am »
Hello,

Is it possible to configure opnsense as a pure bi-directional NAT router?

Network[192.168.1.0/24] <---> [OpnSense]  <---> Network[192.168.2/24]

currently we use Linux with iptables and Masquerading. But I cannot find an option in the webinterface to do something similar.


Eddy
Logged

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 13625
  • Karma: 1173
    • View Profile
Re: NAT Routing
« Reply #1 on: May 17, 2016, 11:21:18 am »
Hi Eddy,

This will be set up by default when WAN e.g. gets an IP via DHCP from 192.168.1.0/24 and the LAN is set up as static 192.168.2.1 unless you want another server to handle DHCP for your internal clients.

The settings for this are under Firewall: NAT: Outbound, but they are set to automatic, so any interface not WAN will be "masqueraded" through WAN.

Edit: Maybe you are trying to set up NAT for the other side as well. Can try that with the Hybrid or Manual Outbound settings there.


Cheers,
Franco
Logged

eddys

  • Newbie
  • *
  • Posts: 2
  • Karma: 0
    • View Profile
Re: NAT Routing
« Reply #2 on: May 17, 2016, 11:48:39 am »
Hi Franco,

yes the "normal" NAT mode is working.

LAN [192.168.1.0/24] ---> [OpnSense]  ---> WAN[192.168.2/24]

But what I want to do is bi-directional. So basically both sides of [OpnSense] are LANs and I want to be able to access both Networks from the other Network.

LAN [192.168.1.0/24] <---> [OpnSense]  <---> LAN[192.168.2/24]


HOSTx [192.168.1.2]
Code: [Select]
> ping 192.168.2.5
... OK


HOSTy [192.168.2.5]
Code: [Select]
> ping 192.168.1.2
... OK





Logged

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 13625
  • Karma: 1173
    • View Profile
Re: NAT Routing
« Reply #3 on: May 17, 2016, 12:32:16 pm »
Ok, under Firewall: NAT: Outbound, set it to Hybrid Mode, add your addition rule for "LAN address" (as opposed to "WAN address") with source 192.168.1.0/24 and reload.

PS: You'll likely have to allow private networks for WAN under Firewall: Rules: WAN (deactivate the automatic block rule).
« Last Edit: May 17, 2016, 12:35:29 pm by franco »
Logged

  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 16.1 Legacy Series »
  • NAT Routing
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2023 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy
    | XHTML | RSS | WAP2