kavren/proxmox-infra
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs: Add NAT port forward migration and port range fix

Browse Source 
- Migrated all port forwards from Asus router to OPNsense
- Documented port range NAT syntax (local-port must be starting port only)
- Added Common Gotcha #4 for port range rules in DECISIONS.md

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
kavren
2025-12-21 23:55:19 -05:00
parent 9aacc8e19d
commit 9fd5735586
2 changed files with 16 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
docs/CHANGELOG.md
View File

@@ -114,6 +114,19 @@
- os-qemu-guest-agent (for Proxmox integration)
- os-tailscale (backup VPN, not yet configured)
### NAT Port Forwards Migrated
- **Port forwards migrated from Asus router** to OPNsense:
- HTTP (80) → Traefik (10.4.2.10)
- HTTPS (443) → Traefik (10.4.2.10)
- Game server ports → AMP (10.4.2.26):
- 2223-2323, 2456-2556, 5678-5778, 7777-7877, 8766-8866 (AMP)
- 25565-25570 (Minecraft), 27004-27025 (CS/Steam)
- 15637 (Enshrouded), 16261-16262 (Project Zomboid)
- 9876-9877 (V Rising), 8211 (Palworld), 25576 (Palworld RCON)
- 27016 (Palworld Query), 26900-26910 (7 Days to Die)
- **Port range NAT fix**: OPNsense config.xml requires `<local-port>` to contain only the **starting port** (e.g., `2223`), not the full range (e.g., `2223-2323`). OPNsense maps ranges 1:1 automatically.
### Verified Working
- All VLANs (10, 20, 30) receiving DHCP from OPNsense
- LAN (10.4.2.0/24) receiving DHCP from OPNsense