Outbound Nat only 1/2 working
-
I have a web server behind my Netgate 6600 router.
I have 2 IP addresses on this router Address A is the one on the wan interface and Address 2 is a virtual IP.
I need ALL the traffic of this webserver to go out over a Virtual IT address.
I have the following outbound nat rule in place.
login-to-viewI can not use a 1:1 nat as I need other services on this IP address to go to other servers.
I also have inbound rules for the services (http/s, email, FTP...) these all seem to be working properly
I can run curl api.ipify.org and I get IP address 2 but when I send an email from the server all the headers say it is coming from IP Address 2.
This is causing issues with spam and other stuff. What am i doing wrong? Please let me know if you need more information
-
@chstechsolutions Could that server have open connections/states already using the other IP? I would think a new SMTP connection would be new but you might double check.
It's set to Hybrid Outbound NAT?
The inbound is different, the outbound rule has no effect on inbound NAT forwards.
-
@steveits Hybrid Nat is selected.
I have reset booted the router and the server a few times. even at the same time. that should have "fix" and open connections.
And correct. the inbound rule is working properly. this issue is only on the outbound rule. new messages that come in over port 25 or other email ports all go to this server successfully. if is only outbound email connections that have this problem.
-
@chstechsolutions Is the alias correct? Web server doesn't have multiple IPs, or IPv6?
-
@steveits I assume that alias is correct. it is working for all inbound rules.
The server has qpv6 disabled and only one IP. I just checked that myself.
-
@chstechsolutions said in Outbound Nat only 1/2 working:
I can run curl api.ipify.org and I get IP address 2 but when I send an email from the server all the headers say it is coming from IP Address 2.
Isn't this what you want and what the outbound NAT rule is meant to do?