Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
24.7 Production Series
»
Dynamic SNAT configuration
« previous
next »
Print
Pages: [
1
]
Author
Topic: Dynamic SNAT configuration (Read 281 times)
opaloxbird
Newbie
Posts: 1
Karma: 0
Dynamic SNAT configuration
«
on:
August 02, 2024, 12:11:21 pm »
Hello
I am coming from a Fortigate 30E firewall that a colleague set up for me. Now I have switched to OPNsense due to update and license requirements and have got everything running well myself on OPNsense.
The problem is that we had to set up an IP pool with the Fortigate (I think it's called SNAT with Opnsense) (Doc from Fortinet:
https://docs.fortinet.com/document/fortigate/6.2.15/cookbook/29961/dynamic-snat
), because suddenly the Internet went down after a while because (according to my colleague) the single interface was receiving too many requests.
I am with a cheap ISP and have to use their router. I cannot activate bridgemode (only deactivate DHCP and change W-Lan password).
The IP-Pool setting worked, which is why I now want to activate the same on the OPNSense.
Since I would like to learn something myself, I am now asking this question in the Forum whether I have configured this correctly:
Picture original Fortigate config:
https://imgur.com/a/85KKMCt
Picture new config on OPNsense:
https://imgur.com/a/TujkoRO
Is this correct?
My internal network after the firewall is 10.10.10.1-254
My router network (but only the firewall is connected there is): 192.168.1.1-254
Thank you
«
Last Edit: August 02, 2024, 12:12:56 pm by opaloxbird
»
Logged
turipriv
Newbie
Posts: 2
Karma: 0
Re: Dynamic SNAT configuration
«
Reply #1 on:
August 02, 2024, 10:22:51 pm »
Hi,
I think that what you are looking for in OPNsense is Outbound NAT which normally is configured automatically.
What would happen in this case is that OPNSense automatically translates all your inside IP addresses into its WAN IP address, the IP address of the interface connected to your router.
Your router will then perform another NAT, and translate its inside IP address to its public (outside) address.
If for whatever reason you want to perform 1:1 NAT Manually, you should set outbound nat to either Hybrid or Manual.
More info can be found here:
https://docs.opnsense.org/manual/nat.html
Logged
HW:
Protectli VP2420
16GB RAM
240 GB SSD
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
24.7 Production Series
»
Dynamic SNAT configuration