Allow internal IPs to make inbound connections to the external interface

  • Does pfSense 1.2 allow internal IPs to make inbound connections to the external interface?

    Hopefully this makes sense.

    Basically, I have several servers I host with several domain names. I changed out our Cisco firewall for pfSense and have been very happy with pfSense.
    I have two of the servers that are mail servers with MX records to their public IP addresses (external IP).

    Mail Server1 mx=
    Mail Server2 mx=

    Whenever someone from mail server1 tries to send email to someone on mail server2, mail server1 cannot make an SMTP connection to mail server2, as it resolves the DNS MX record as the external IP.

    I'm hoping there is a way to allow internal ip addresses to make inbound connections to the external IP of pfSense.

    If not, I will set up split-horizon DNS to address the issue.

    Thank you for your help.

  • I think I may have found the information I was looking for. Don't know why I didn't see it before when I searched the forum.

    Is it called NAT Reflection under the System/Advanced menu?

    I'm thinking I'll uncheck the Disable NAT Reflection box tomorrow morning and see if this works.

    Does anyone see any problems that might arise from doing so?


  • NAT reflection only works for normal NAT forwardings and not for 1:1.
    If you have the possibility, I'd rather set up split DNS.

  • Thank you, GruensFroeschli, for the reply and the URL info.

    I'll go with the split DNS option.

    Once again, thank you for your help.
