I ran across something strange in my Pfsense box today and was wondering if anyone can point me in the right direction.
I am trying to open up an IP range for Office365 to my internal exchange for a migration, but I can not get traffic to pass through. Here is the rules.
I first enabled rule 4 and did a test from Office365 to my site, but it failed. Next, I created rule 1 and did another test and it failed again. But If I add port 25 to Rule 2, it all works.
![office365 rule.PNG.jpg](/public/imported_attachments/1/office365 rule.PNG.jpg)
![office365 rule.PNG.jpg_thumb](/public/imported_attachments/1/office365 rule.PNG.jpg_thumb)
Why are you obfuscating your private IP addresses? Makes it impossible to help you.
oops, uploaded the wrong screen shot. But, it's the same server 10.7.2.3
Well there is no reason for the first rule not to match if the SMTP alias contains port 25.
Is there a proper port forward in place for all of these?
It is a two-step process, port forward and firewall rule. The firewall rules are processed AFTER NAT occurs so they need to pass the post-nat traffic ie. the real IP address and port the inside host is listening on.
Pretty complete list of things to check here:
I will read the document and troubleshoot some more, thank you.
Issue was resolved, the NAT rule was not being created.