u/mitchplze

Port forward with alias as destination behaves differently

I have a static IP block, and some of those IPs set up as Virtual IPs in OPNsense. I've created Destination NAT rules to port-forward 80, 443, and a few UDP ones for a project I'm working on, to a local IP.

On the Dest NAT rule, if I use the WAN VIP typed out explicitly as the 'destination', the rule works locally. That is: from a LAN machine (behind OPNsense), I can resolve the web service using the VIP (or a DNS name pointing to that VIP), as intended.

On the other hand... if I put that same exact WAN VIP first into an OPNsense alias (as type 'host' or 'network'), and use that in the Dest NAT 'destination' field - all of the traffic on the LAN towards the VIP gets looped back around (hairpins) to OPNsense itself - and the OPNsense login page. The web app is not reachable.

I don't know why this is happening. But wrapping a destination IP address in an alias should not route traffic differently as far as I'm concerned. Right?

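One sanity check for the situation the post describes, added here as an example that is not from the post or from OPNsense itself: take the rdr rules pf reports and the members of the alias table, and list which port forwards actually cover the VIP, whether the destination is written as a literal address or as a table name. The rule lines and table contents below are constructed samples written in the style of `pfctl -sn` and `pfctl -t <alias> -T show` output; the interface, alias name and addresses are assumptions.

```python
import ipaddress
import re

# Constructed sample in the style of `pfctl -sn` rdr output: one forward names the
# VIP literally, the others reference an alias table (<name>) as the destination.
SAMPLE_RULES = """
rdr on vtnet0 inet proto tcp from any to 203.0.113.10 port = 80 -> 192.168.1.50
rdr on vtnet0 inet proto tcp from any to <wan_vip_alias> port = 443 -> 192.168.1.50
rdr on vtnet0 inet proto udp from any to <wan_vip_alias> port = 5000 -> 192.168.1.50
"""

# Constructed sample of the alias table members (`pfctl -t wan_vip_alias -T show`).
SAMPLE_TABLES = {"wan_vip_alias": ["203.0.113.8/29"]}

# Destination is either a table reference <name> or a literal address/prefix.
RULE_RE = re.compile(
    r"^rdr.*?proto (?P<proto>\w+) .*?to (?P<dst><\w+>|[\d./]+)"
    r" port = (?P<port>\d+) -> (?P<target>[\d.]+)"
)


def parse_rdr_rules(text):
    """Extract proto, destination, port and redirect target from each rdr line."""
    rules = []
    for line in text.strip().splitlines():
        m = RULE_RE.match(line.strip())
        if m:
            rules.append(m.groupdict())
    return rules


def dest_matches(dst, tables, vip):
    """True if the rule destination (literal or <table>) covers the VIP address."""
    vip_addr = ipaddress.ip_address(vip)
    members = tables.get(dst.strip("<>"), []) if dst.startswith("<") else [dst]
    return any(vip_addr in ipaddress.ip_network(m, strict=False) for m in members)


def forwards_for_vip(text, tables, vip):
    """Return (proto, port, target) for every rdr rule whose destination covers vip."""
    return [(r["proto"], int(r["port"]), r["target"])
            for r in parse_rdr_rules(text) if dest_matches(r["dst"], tables, vip)]


if __name__ == "__main__":
    for proto, port, target in forwards_for_vip(SAMPLE_RULES, SAMPLE_TABLES, "203.0.113.10"):
        print(f"{proto}/{port} -> {target}")
```

If a forward that should match the VIP is missing from this list, the alias table does not contain the address pf is being asked to match, which is the first thing to verify before looking at the reflection behaviour.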