Bug #14776

closed

Port forwarding not working properly

Added by yon Liu almost 2 years ago. Updated almost 2 years ago.

Status: Not a Bug
Priority: Normal
Assignee: -
Category: Rules / NAT
Target version: -
Start date:
Due date:
% Done: 0%
Estimated time:
Plus Target Version:
Release Notes: Default
Affected Version:
Affected Architecture: amd64

Description

When I create a WireGuard VPN tunnel and set up a NAT rule, if the IPv4 default gateway is not set to the WireGuard interface, then NAT doesn't work.

Tested on pfSense Plus 23.09.01

Previous versions of pfSense allowed multiple WireGuard interfaces to support NAT forwarding at the same time.

For my purpose, when I have multiple WireGuard VPN connections in different regions, I need to forward each wg to pfSense.

And OpenVPN p2p mode never works for this.

Actions #1

Updated by Jim Pingle almost 2 years ago

  • Status changed from New to Not a Bug

That is almost certainly something in your configuration. Inbound NAT such as port forwards will work on any interface that has reply-to rules, which will come naturally for WireGuard if it's assigned and used properly.

Actions #2

Updated by yon Liu almost 2 years ago

You may not understand my question.

For example, I have several WireGuard p2p tunnels; the wg0 public IP is 15.5.5.5 and the wg1 public IP is 15.8.6.5. I set up LAN NAT on these two tunnels for port 25 to 10.50.2.6:25 of the intranet.

If I don't set both WG tunnel interfaces as the system default routing gateway, then neither WG tunnel NAT works. Only when I set one of the two tunnels as the system default gateway does the WG tunnel NAT of this default gateway work.

I think it's wrong that the tunnel must be set as the default gateway for NAT to work. Can you understand what I mean?

Actions #3

Updated by Jim Pingle almost 2 years ago

What you are describing is explained by a lack of reply-to on the rules as I mentioned in my first response. Post on the forum to discuss further.
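Comment #3 attributes the symptom to pass rules that lack reply-to. The following is an added example, not part of the ticket or of pfSense: a Python check over `pfctl -sr`-style text that reports, per interface, whether the inbound pass rule for the forwarded host and port carries `reply-to`. The rule lines, the interface names `tun_wg0`/`tun_wg1` and the gateway 10.90.0.1 are constructed for illustration.

```python
import re

# Constructed sample in the style of `pfctl -sr` output (not taken from the ticket).
SAMPLE_RULES = """\
pass in quick on tun_wg0 reply-to (tun_wg0 10.90.0.1) inet proto tcp from any to 10.50.2.6 port = 25 flags S/SA keep state label "USER_RULE: NAT smtp wg0"
pass in quick on tun_wg1 inet proto tcp from any to 10.50.2.6 port = smtp flags S/SA keep state label "USER_RULE: NAT smtp wg1"
pass out quick on tun_wg0 inet all flags S/SA keep state
block drop in log inet all label "Default deny rule IPv4"
"""

# Inbound pass rule: interface, optional reply-to (iface gateway), destination, port.
RULE_RE = re.compile(
    r"^pass in\b.*?\bon (?P<iface>\S+)"
    r"(?: reply-to \((?P<rt_if>\S+) (?P<rt_gw>[^)\s]+)\))?"
    r".*?\bto (?P<dst>\S+) port = (?P<port>\S+)"
)


def reply_to_by_interface(ruleset, dst, port_tokens=("25", "smtp")):
    """Map interface -> reply-to gateway (None if absent) for rules to dst.

    port_tokens lists the spellings to accept, since the port may be printed
    as a number or as a service name.
    """
    found = {}
    for line in ruleset.splitlines():
        m = RULE_RE.match(line.strip())
        if not m or m["dst"] != dst or m["port"] not in port_tokens:
            continue
        found[m["iface"]] = m["rt_gw"]
    return found


def missing_reply_to(ruleset, dst, port_tokens=("25", "smtp")):
    """Interfaces whose forward to dst has no reply-to, so replies follow the
    routing table (the default gateway) instead of the tunnel they arrived on."""
    result = reply_to_by_interface(ruleset, dst, port_tokens)
    return sorted(iface for iface, gw in result.items() if gw is None)


if __name__ == "__main__":
    for iface, gw in reply_to_by_interface(SAMPLE_RULES, "10.50.2.6").items():
        print(f"{iface}: reply-to {gw or 'MISSING'}")
```

On a real firewall, feed it the saved output of `pfctl -sr` in place of `SAMPLE_RULES`.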
