I have a VyOS router/firewall with multiple subnets:
WAN1 eth0 A.x.x.187/28
WAN2 eth1 B.x.x.195/29
LAN2 eth4 10.0.18.0/24
I’ve created a SNAT rule for LAN2 via eth0. I can access the internet from LAN2 (eth4) via WAN1 (eth0) and everything works fine.
But now I have a problem: the SNAT rule for eth4 is not working when I’m trying to connect to B.x.x.198 (which is in the same subnet as B.x.x.195). It seems that VyOS is ignoring the SNAT rule and routes the traffic directly and non-natted (with 10.0.18.10) through the nearest interface WAN2 (eth1). I’ve verified this with tcpdump on eth1 but don’t know why this occurs.
Why is it doing this? How can I change this behavior?
Thanks in advance!