Hey, I have a setup like this: 2 isp routers (in bridge mode and ISPs as failover) -> Openwrt Router -> opnsense router.
I have disable NAT for a VLAN on opnsense router buy adding a rule for it in OutBound NAT. Now how can I make openwrt forward this to request to WAN.
My requirement is to be able to see few subnets behind Opnsense router on my OpenWrt router so that I can define rules to load balance, (instead of failover) between multiple ISPs. Am I missing something?
Make the other networks known to OpenWrt by installing routes to them, setting the opnsense router's address on the OpenWrt LAN as the route's gateway (next hop). The gateway IP must be something that is directly reachable by OpenWrt. The Interface setting is redundant (since the Interface of the gateway is already in the routing table), but the system is not smart enough for that.
/etc/config/network
config route
option interface 'lan'
option target '192.168.3.0/24'
option gateway '192.168.1.2'
When a packet arrives from opnsense un NATd by it, it has a source of 192.168.3.4, and a destination of somewhere on the Internet. OpenWrt will NAT it out and make an entry in its NAT connection table so that the reply from the Internet is converted back to destination 192.168.3.4. With the new route, the packet will be sent to opnsense and then to the device at 192.168.3.4.