Port Forwarded Traffic (from WAN to LAN) Shows Router IP as Source

Started by Enverex, Today at 05:00:40 PM

So I've just noticed an issue I've not experienced on any router before so I'm not sure how to handle it on OPNsense either.

I have a bunch of ports forwarded from OPNsense (as well as NAT reflection enabled so they work from inside the LAN) through to various servers, but in this case I'll focus on the web traffic. Traffic that hits the internal web server from external clients is showing the router's internal LAN IP rather than the IP of the actual remote client.

Any ideas why? I've not created any custom rules other than the port forwards which are set up in the same way as all the guides I've seen.

Most probable reason for this behavior is a gateway defined on the LAN interface.
So check the interface settings.

Most likely the following option:

Firewall - Settings - Advanced - Automatic outbound NAT for Reflection

Deactivate it

Read this and learn if you need it:

https://docs.opnsense.org/manual/how-tos/nat_reflection.html
Hardware:
DEC740

Quote from: Monviech (Cedrik) on Today at 05:32:48 PM

Most likely the following option:

Firewall - Settings - Advanced - Automatic outbound NAT for Reflection

Deactivate it

Read this and learn if you need it:

https://docs.opnsense.org/manual/how-tos/nat_reflection.html

I *did* have that enabled but disabled it a few hours ago as I suspected that may be the cause. Unfortunately it doesn't appear to have fixed the problem though. Is there anything else I need to manually remove after turning it off? There was a LAN gateway listed still which I've since deleted, but still no dice.

If IP source gets rewritten, check Outbound NAT rules.
Hardware:
DEC740

That was it, thanks.

There were some manual rules that I don't remember adding but maybe did a while back because when I originally set up OPNsense I couldn't get any outbound traffic to work at all. At least it's sorted now. :)
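
The outbound NAT check suggested in this thread, as an added example (not code from any poster or from the OPNsense project): it scans `pfctl -s nat` output for `nat` rules on the LAN interface whose source is not limited to the LAN subnet, since such a rule also translates forwarded WAN traffic to the router's LAN address. The interface names, addresses and sample lines are constructed assumptions.

```python
import ipaddress
import re

# Constructed sample of `pfctl -s nat` output; igb0 = WAN, igb1 = LAN (assumed names).
SAMPLE = """\
nat on igb0 inet from 192.168.1.0/24 to any -> (igb0:0) port 1024:65535
nat on igb1 inet proto tcp from 192.168.1.0/24 to 192.168.1.10 port = https -> 192.168.1.1 port 1024:65535
nat on igb1 inet from any to 192.168.1.0/24 -> 192.168.1.1 port 1024:65535
rdr on igb0 inet proto tcp from any to (igb0) port = https -> 192.168.1.10
"""

# Captures: interface, source, translation target.
NAT_RE = re.compile(r"^nat on (\S+) .*?\bfrom (\S+) to .*?-> (\S+)")


def source_rewriting_rules(pf_nat_output, lan_if, lan_net):
    """Return nat rules on lan_if whose source is not a prefix inside lan_net.

    A rule limited to the LAN subnet only touches reflected (LAN to LAN)
    traffic. A rule with source "any", a table or an alias is returned for
    manual review, because it can also match clients arriving from the WAN.
    """
    lan = ipaddress.ip_network(lan_net)
    hits = []
    for raw in pf_nat_output.splitlines():
        line = raw.strip()
        m = NAT_RE.match(line)
        if not m or m.group(1) != lan_if:
            continue  # rdr rules and nat rules on other interfaces
        try:
            src = ipaddress.ip_network(m.group(2), strict=False)
            inside = src.subnet_of(lan)
        except (ValueError, TypeError):
            inside = False  # "any", <table>, (if:network), or other address family
        if not inside:
            hits.append(line)
    return hits


if __name__ == "__main__":
    for rule in source_rewriting_rules(SAMPLE, "igb1", "192.168.1.0/24"):
        print("review:", rule)
```

On the firewall itself, the same function can be fed the real output of `pfctl -s nat` together with the actual LAN interface name and subnet.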