Simple One-To-One NAT Rule

[fjose.galan]

Hello Comunity,

I just landed in to the OpnSense world and I am playing around during today.
I success installed OpnSense and configured WAN and LAN interfaces properly. I reached the web interface and login without issues.
Then starts my question... I was reading the documentation but I did not accomplish my achievement...

Setup

OpnSense 23.1
WAN Config:
WAN Segment 172.16.0.0/16
WAN IP adress 172.16.33.169
LAN Config:
LAN Segment 10.255.0.0/16
LAN IP address 10.255.100.100

What I want to do is really simple.
Translate the address 172.16.33.162 to 10.255.100.1 to reach from external IP 172.16.33.162 a device placed on internal IP 10.255.100.1
I assumed One-To-One NAT rule but is not clear for me.

Sorry for this probably basic question, but I am confused about if this software can do what I pretend, or is a router as "standard"

Thanks in advance for any answer and sorry to disturb with this kind of questions.

Regards people

Fran

[bartjsmit]

Hi Fran, welcome!

Firewall: NAT: One-to-One, add with the 'plus' icon at the top.

Put 172.16.33.162 in the External network field, Source Single host or Network, 10.255.100.1/32, Destination any

You will have guessed that OPNsense describes the 1:1 NAT outbound ;)

Don't forget to add firewall rules on the WAN interface with 10.255.100.1 as the destination and the protocols you want to allow.

Bart...

[fjose.galan]

Hell again,

Thanks Bart.

I will give a try. I need to have a look in the last point you mention:

Don't forget to add firewall rules on the WAN interface with 10.255.100.1 as the destination and the protocols you want to allow.

I´ll be back (Like Terminator) with results.

Regards

Fran