OPNsense dual WAN + Zerotier


I have ZT working with a pair of OPNsense endpoints, site A has 2xWAN and site B has 1xWAN.

On site A:

WAN1: public IPv4 assigned to the FW (ISP1 doesn’t care about IPv6)
WAN2: private IPv4 assigned to the FW, with NAT in the ONT + IPv6 assigned but not working (ISP2 doesn’t know how to properly delegate IPv6). There’s a 1:1 NAT to the firewall (that is as good as it gets with that ISP)

The issue I have is that I see several blocked connection attempts incoming on WAN2. It’s super annoying because it fills up the disk with filter log entries.

It’s like most attempts to use WAN2 are blocked because no state would allow it (it’s as if punch hole is not working). The only difference between WAN1 & WAN2 is that WAN2 is behind NAT. Is there any recommended configuration in that scenario?

Has anybody seen this?

