26.1.6_2 Destination NAT - how to use port range?

Started by OPNsense4ever, April 26, 2026, 11:47:58 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
April 26, 2026, 11:47:58 PM
Hello,

I am trying to redirect ports TCP/UDP ports 1630-1641 to a host on my LAN. I can use the "Single port or range" drop-down for the Destination Port, but there is nothing similar for Redirect Target Port. I looked at the docs here, but I don't see anything.

What should be used for Redirect Target Port? The first port in the range? 1630? any?

Thank you!
Today at 01:13:16 AM #1
I'm pretty sure destination NAT is one to one. You would need 2 rules, one for port 1630 and one for port 1631 if you need both redirected.

Edit: Oops, just realized you have 12 ports to 1641. So it would be 12 rules. I could be wrong, but that's what I did for the redirects i need.
Today at 02:29:46 AM #2 Last Edit: Today at 02:37:59 AM by lmoore
Quote from: OPNsense4ever on April 26, 2026, 11:47:58 PMWhat should be used for Redirect Target Port? The first port in the range? 1630? any?

In your case you would enter 1630, which is the base port number for the range.

Connections arriving within you port range of 1630-1641 will be redirected to ports 1630-1641 at the redirected address.

If you set your Redirect Target Port to 20630, the connections arriving within the port range of 1630-1641, will be redirected to 20630-20641.

If you wanted to use multiple but not sequential ports, you would set up a Port Alias with the port numbers and use the Port Alias in the Destination Port and Redirect Target Port fields.

[Edit] Using "any" simply redirects to the port numbers within the range.
Today at 03:01:00 PM #3
Weird guy who likes everything Linux and *BSD on PC/Laptop/Tablet/Mobile and funny little ARM based boards :)
Today at 04:55:25 PM #4
Quote from: lmoore on Today at 02:29:46 AM
Quote from: OPNsense4ever on April 26, 2026, 11:47:58 PMWhat should be used for Redirect Target Port? The first port in the range? 1630? any?

In your case you would enter 1630, which is the base port number for the range.

Connections arriving within you port range of 1630-1641 will be redirected to ports 1630-1641 at the redirected address.

If you set your Redirect Target Port to 20630, the connections arriving within the port range of 1630-1641, will be redirected to 20630-20641.

If you wanted to use multiple but not sequential ports, you would set up a Port Alias with the port numbers and use the Port Alias in the Destination Port and Redirect Target Port fields.

[Edit] Using "any" simply redirects to the port numbers within the range.

Fantastic! This should be documented somewhere though. Is it written somewhere that I missed?

😁 Let me see if I can get my proverbial stuff together for a PR if not.
Print
Go Up Pages1
User actions