meta4 wrote: So I've been poring through the forums and Vyatta documentation and can't seem to find what I'm doing wrong. I have three VLANs: VLAN1 (LAN), VLAN2 (visitor wifi) and VLAN3 (IoT wifi). My management VLAN (LAN) gets out just fine. VLAN1, 2, and 3 receive DHCP and DNS information from the EdgeMAX, but 2 and 3 can't ping out or get out. I did configure DNS forwarding for vif 2 and 3 and rebooted, still nothing.
I have zone policies set for local, WAN, and LAN. When I attempt to create a zone policy for vif 2 and 3, I can't seem to identify the interface (may be unrelated/unnecessary).
So whenever I use masquerade SNAT rules, I do still put the network/s being NAT'd in the source section. This may be redundant for all I know. Try that and see what happens.
So your current rule is this:
nat {
    rule 5010 {
        description "Masquerade for WAN"
        outbound-interface eth0
        type masquerade
    }
}
Try this:
nat {
    rule 5010 {
        description "Masquerade for WAN"
        outbound-interface eth0
        source {
            address 192.168.20.0/24
        }
        type masquerade
    }
}
If that fixes your problem for that network, you can either create an SNAT rule for each network, or just create a firewall network group and use the one rule for the group.
Best of luck!