I finally decided to upgrade my opnsense box after a couple of years of deferring and, in the heat of the moment, forgot to double-check I had configuration backups. After the upgrade to OPNsense 24.1.8-amd64 (FreeBSD 13.2-RELEASE-p11), there were some issues with LAN clients accessing the WAN that I solved by resetting to default settings. (I have not modified much, so it’s somewhat trivial to add back aliases and rules.)
Now, however, I am facing a problem where port forwarded services do not work. I am running Nginx Proxy Manager to handle the various web services on my LAN and the setup has served me well for years. I have made no changes to Nginx PM, to my port forwarding rules (see below), or to the individual services and their boxes. Put simply, everything was working 100% without issue until I foolishly upgraded.
I suspect the issue is a double NAT issue with my godawful BGW320-505 gateway. I have had this configured to IP passthrough mode without issue for years. But, after the Opnsense upgrade (and defaults), I did notice that my interfaces display what looks to be an upstream-gateway assigned IP address. Previously, my upstream WAN gateway was the IP address of the BGW320-505 box.
System: Gateways: Configuration
Despite all of the above, there seems to be some weird DNS issue/NAT issue. The strongest example I’ve uncovered of this is, from my LAN directly accessing my WAN IP. While this should show me my http-facing webserver, the request times out for a while then eventually resolves to a 404 page but–and this is the bizarre part–not before appending :440 (my webgui port for Opnsense) to the WAN IP in the address bar. (Note that this does not occur when accessing my direct IP address from exterior to the network.) I’m hoping that is the key to solving this but, after more than 15 hours spent researching this and trying various solutions available on forums/reddit/etc., I have not found anything to work.
Please help!
Gave it a shot (1472) but no luck.