OPNsense HA NAT VIP not working

Willüüü · August 07, 2018, 09:13:45 AM

Hello,

I evaluate OPNsense in the latest version on VirtualBox. I'm quite happy so far. My setup:

opnsense01.localdomain

WAN 192.168.188.100
LAN 192.168.189.100
WAN VIP: 192.168.188.254
LAN VIP: 192.168.189.254

opnsense02.localdomain

WAN 192.168.188.101
LAN 192.168.189.101
WAN VIP: 192.168.188.254
LAN VIP: 192.168.189.254

client01.localdomain

LAN: 192.168.189.200
GATEWAY: 192.168.189.254

The NAT configuration on my is OPNsense Cluster is configured to use the WAN address of my Cluster. But with this kind of configuration the failover is not transparent. (wget is timing out after the failover) So I've decided to switch the NAT outbound configuration to use the WAN VIP. But after that the NAT access does not work anymore. A curl to an external website is running into a timeout.

The VirtualBox configuration is set to Promiscuous-Mode on all involved interfaces.
Could you please help me?

Regards - Willi

franco · August 07, 2018, 09:19:09 AM

Hi Willi,

Have you seen https://docs.opnsense.org/manual/how-tos/carp.html#setup-outbound-nat yet?

Cheers,
Franco

Willüüü · August 07, 2018, 09:37:29 AM

Hi Franco,

thank you very much for your really fast response. ;)
Yes I was reading this guide. My NAT configuration:

Code Select


wan	any 	*	*	*	192.168.188.254	*

Regards - Willi

Willüüü · August 13, 2018, 09:35:17 AM

Hello,

I've did a reinstallation of the Cluster. The issue is still there.
Maybe someone can confirm that this feature works in his installation?

Regards - Willi

OPNsense HA NAT VIP not working

Willüüü

August 07, 2018, 09:13:45 AM Last Edit: August 07, 2018, 09:15:18 AM by Willüüü

franco

August 07, 2018, 09:19:09 AM #1

Willüüü

August 07, 2018, 09:37:29 AM #2

Willüüü

August 13, 2018, 09:35:17 AM #3