NAT Reflection / Hairpinning broken for WiFi clients after 26.1 upgrade

Started by PilaScat, February 12, 2026, 01:51:34 PM

Hi everyone,

I've recently updated my OPNsense box to version 26.1 and performed the firewall migration. Since the update, I'm experiencing a strange issue with NAT Hairpinning (NAT Reflection).

The Issue: I can no longer access my locally hosted services from within my internal network using their public FQDN/WAN IP. However, there are some specific behaviors:

  • Tunnels work: Services routed through Cloudflare Tunnels or Pangolin are reachable without issues.
  • Ethernet works: My desktop PC, connected via Ethernet, can still reach local services via the WAN IP (Hairpinning seems to work here).
  • WiFi is broken: Devices connected via my UniFi APs cannot reach local services. They can only access them when switching to mobile data (LTE/5G).

Current Configuration: Before the update, everything was working perfectly. My current NAT settings are:

Reflection for port forwards: Disabled

Reflection for 1:1: Disabled

Automatic outbound NAT for Reflection: Disabled

It seems like the NAT Reflection is not being applied correctly to the WiFi interface/VLAN after the migration, or there's a routing/DNS conflict introduced by the new version.

I am attaching screenshots of my Firewall settings.

Has anyone else experienced issues with NAT Reflection being restricted to specific interfaces after the 26.1 migration? Any advice on where to look would be greatly appreciated.

Thanks in advance!

Wifi was broken in general for the 26.1 release. I'm surprised it was working for you. Try the latest update. You may need to delete and reinstall the wifi.