Allow internal ip's to make inbound connections to the external interface
-
Does pfSense 1.2 allow internal ip's to make inbound connections to the external interface?
Hopefully this makes sense.
Basically I have several servers I host with several domain names, I change out our Cisco firewall for pfsense and have been very happy with pfsense.
I have two of the servers that are mail servers with MX records to their public IP addresses (External IP)Mail Server1 mx=62.214.213.190
Mail Server2 mx=62.214.213.195When ever someone from mail server1 tries to send email to someone on mail server2, mail server1 cannot make a SMTP connection to mail server2 as it resolves the DNS MX record as the external IP.
I'm hoping there is a way to allow internal ip addresses to make inbound connections to the external IP of pfSense.
If not I will setup split horizon DNS to address the issue.
Thank you for your help
-
I think I may have found the infornation I was looking for, Don't know I didn't see it before when I searched the forum.
Is it called NAT Reflection under the system/advanced menu?
I'm thinking I'll Uncheck the Disable NAT Reflection box tomorrow morning and see if this works.
Does anyone see any problems that might arise from doing so?
-
http://forum.pfsense.org/index.php/topic,7001.0.html
NAT reflecton only works for normal NAT forwardings and not for 1:1
If you have the possibility i'd rather set up split DNS. -
Thank you GruensFroeschli for the reply and the URL Info.
I'll go with split DNS option.
Once again Thank you for your help.