SMTP rule



  • Hello Everyone,
    I ran across something strange in my Pfsense box today and was wondering if anyone can point me in the right direction.

    I am trying to open up an IP range for Office365 to my internal exchange for a migration, but I can not get traffic to pass through.  Here is the rules.

    I first enabled rule 4 and did a test from Office365 to my site, but it failed.  Next, I created rule 1 and did another test and it failed again.  But If I add port 25 to Rule 2, it all works.

    any ideas?
    ![office365 rule.PNG.jpg](/public/imported_attachments/1/office365 rule.PNG.jpg)
    ![office365 rule.PNG.jpg_thumb](/public/imported_attachments/1/office365 rule.PNG.jpg_thumb)


  • LAYER 8 Netgate

    Why are you obfuscating your private IP addresses? Makes it impossible to help you.



  • oops, uploaded the wrong screen shot.  But, it's the same server 10.7.2.3


  • LAYER 8 Netgate

    Well there is no reason for the first rule not to match if the SMTP alias contains port 25.

    Is there a proper port forward in place for all of these?

    It is a two-step process, port forward and firewall rule. The firewall rules are processed AFTER NAT occurs so they need to pass the post-nat traffic ie. the real IP address and port the inside host is listening on.

    Pretty complete list of things to check here:

    https://doc.pfsense.org/index.php/Port_Forward_Troubleshooting



  • I will read the document and troubleshoot some more, thank you.



  • Issue was resolved, the NAT rule was not being created.


Log in to reply