Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
Question about inbound NAT and "Reply-to on WAN rule"
« previous
next »
Print
Pages: [
1
]
Author
Topic: Question about inbound NAT and "Reply-to on WAN rule" (Read 4075 times)
MrCroa
Newbie
Posts: 13
Karma: 1
Question about inbound NAT and "Reply-to on WAN rule"
«
on:
June 05, 2018, 04:33:23 pm »
Hello folks,
I'm trying to migrate my firewall (linux iptables) to an opnsense virtual machine. I converted all rules to OPNsense, but first time I tried an inbound nat rule on a external cidr range 193.x.x.x/27 routed to opnsense wan, it didn't work.
I was going to became crazy when I check the box "Disable reply-to on wan rule" and it was suddenly working.
I'm not sure I understand why I have to check this to make it work.
Can you explain this to me ?
Thanks
Logged
franco
Administrator
Hero Member
Posts: 15077
Karma: 1306
Re: Question about inbound NAT and "Reply-to on WAN rule"
«
Reply #1 on:
June 05, 2018, 09:59:07 pm »
It tries to pin the return traffic to a specific gateway in case Multi-WAN is used. Otherwise the return traffic may return the other WAN interface, which is not working for the remote end.
Sometimes the gateway receiving the reply refuses to send it back to the internal network and it looks like it's not working.
If you don't have Multi-WAN global disable of reply-to is also feasible.
Cheers,
Franco
Logged
MrCroa
Newbie
Posts: 13
Karma: 1
Re: Question about inbound NAT and "Reply-to on WAN rule"
«
Reply #2 on:
June 06, 2018, 09:10:37 am »
Yes but I don't have multi-WAN, so it's not supposed to work anyway with or without reply-to rules ?
Logged
franco
Administrator
Hero Member
Posts: 15077
Karma: 1306
Re: Question about inbound NAT and "Reply-to on WAN rule"
«
Reply #3 on:
June 12, 2018, 09:36:23 am »
Sorry, I don't understand your question.
Cheers,
Franco
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
Question about inbound NAT and "Reply-to on WAN rule"
