Yea that’s what I meant.
This is what I have for hairping NAT to my Home Assistant, which works fine.
eth1 is my LAN interface, 192.168.0.1/24
192.168.0.7 is my Home Assistant’s IP address.
nat {
destination {
rule 90 {
description "Home Assistant"
destination {
port 8123
}
inbound-interface {
group wan-interfaces
}
protocol tcp
translation {
address 192.168.0.7
}
}
rule 200 {
description "Hairpin NAT for Home Assistant"
destination {
address <my public ip>
port 8123
}
inbound-interface {
name eth1
}
protocol tcp
translation {
address 192.168.0.7
}
}
source {
rule 200 {
description "Hairpin NAT for Home Assistant"
destination {
address 192.168.0.7
port 8123
}
outbound-interface {
name eth1
}
protocol tcp
source {
address 192.168.0.0/16
}
translation {
address masquerade
}
}
Here’s a thing I wrote about pinholing a while ago, I think it’s good to link it because it’s an easy mistake to make and it stuffs up your logging badly.