OPNsense HA NAT VIP not working

[Willüüü]

Hello,

I evaluate OPNsense in the latest version on VirtualBox. I'm quite happy so far. My setup:

opnsense01.localdomain

WAN 192.168.188.100
LAN 192.168.189.100
WAN VIP: 192.168.188.254
LAN VIP: 192.168.189.254

opnsense02.localdomain

WAN 192.168.188.101
LAN 192.168.189.101
WAN VIP: 192.168.188.254
LAN VIP: 192.168.189.254

client01.localdomain

LAN: 192.168.189.200
GATEWAY: 192.168.189.254

The NAT configuration on my is OPNsense Cluster is configured to use the WAN address of my Cluster. But with this kind of configuration the failover is not transparent. (wget is timing out after the failover) So I've decided to switch the NAT outbound configuration to use the WAN VIP. But after that the NAT access does not work anymore. A curl to an external website is running into a timeout.

The VirtualBox configuration is set to Promiscuous-Mode on all involved interfaces.
Could you please help me?

Regards - Willi

[franco]

Hi Willi,

Have you seen https://docs.opnsense.org/manual/how-tos/carp.html#setup-outbound-nat yet?


Cheers,
Franco

[Willüüü]

Hi Franco,

thank you very much for your really fast response.
Yes I was reading this guide. My NAT configuration:

Code: [Select]

wan any * * * 192.168.188.254 *

Regards - Willi

[Willüüü]

Hello,

I've did a reinstallation of the Cluster. The issue is still there.
Maybe someone can confirm that this feature works in his installation?

Regards - Willi