Outbound NAT always using WAN IP, not assigned VIPs

  • Read through the threads before I posted here, I did get an answer to what I was trying to do, which is map outbound NAT to a VIP instead of the WAN interface IP. It seems no matter how I configure it according to the posts I read, the outbound NAT always gets the WAN interface IP when I go to "whatismyip". I got the port forwarding from VIPs working just fine, no problems, easy. The outbound is being a bit tricky. Anyways, here's my setup:
    T1 connection with 4 external IPs. 4 servers, all Windows: Exchange, Citrix, web, and one just idle. I set up the VIPs with my external IP address. Created the port forwarding rules and firewall rules. All works fine, everything goes to where it is supposed to. The only problem I have is that all outbound traffic goes out via the WAN interface IP address, not the public IPs I have forwarded to the servers. This breaks ActiveSync and causes a few issues in Citrix. I set outbound NAT to manual and created a rule according to what the post I read said to do. For starters I just tried to set it so all outbound traffic from a specific server would go out on its specific external IP. Then I tried just doing single ports. It never will show the right address. Here is how it is set up atm. Any pointers would be greatly appreciated.

    Thanks in advance,

  • The source port for an outgoing HTTP connection will never be 80 but some random port chosen by the operating system. Leave the source port blank and put 80 in the destination port field; also leave the port field in the translation part empty.

  • Thanks for the input. I tried it, even tried leaving the destination port blank so that all traffic outbound from that server would be directed out via its public address. Still doesn't work; as a matter of fact, no internet connections work at all, not even inbound. But when I change outbound back to automatic, internet connections work again, but I am back to square one with all outbound traffic going out via the WAN interface IP and not the server-specific public IPs (virtual IPs) I assigned, and ActiveSync of course doesn't work then. I am not using 1:1 NAT, just some virtual IPs on the WAN interface for my public IP addresses and some port forwarding. Very simple configuration that has me stumped lol

    If I have overlooked something please feel free to correct me, my ego is not a concern at this point in time LMAO

    Thanks again,
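
The point made in the reply about source ports, as an added example that is not part of the thread and is not pfSense code: a simplified first-match model of outbound NAT rules. The addresses, the `Rule` class and `egress_address` are constructed for illustration, and the generic LAN rule is an assumption about what follows the server-specific rule.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass
class Rule:
    src_net: str              # internal source the rule applies to
    src_port: Optional[int]   # None = any source port
    dst_port: Optional[int]   # None = any destination port
    nat_addr: str             # address the source is rewritten to

def egress_address(rules, src_ip, src_port, dst_port):
    """First matching rule wins; None means the packet is not translated."""
    for r in rules:
        if ipaddress.ip_address(src_ip) not in ipaddress.ip_network(r.src_net):
            continue
        if r.src_port is not None and r.src_port != src_port:
            continue
        if r.dst_port is not None and r.dst_port != dst_port:
            continue
        return r.nat_addr
    return None

# Constructed addresses (RFC 1918 / RFC 5737 documentation ranges).
SERVER, LAN = "192.168.1.20", "192.168.1.0/24"
WAN_IP, VIP = "203.0.113.10", "203.0.113.11"
LAN_DEFAULT = Rule(LAN, None, None, WAN_IP)   # assumed generic LAN -> WAN address rule

# An HTTP request from the server: ephemeral source port, destination port 80.
HTTP = (SERVER, 51514, 80)

SRC_PORT_80 = [Rule(SERVER + "/32", 80, None, VIP), LAN_DEFAULT]
DST_PORT_80 = [Rule(SERVER + "/32", None, 80, VIP), LAN_DEFAULT]
ANY_PORT    = [Rule(SERVER + "/32", None, None, VIP), LAN_DEFAULT]
WRONG_ORDER = [LAN_DEFAULT, Rule(SERVER + "/32", None, None, VIP)]

if __name__ == "__main__":
    for name, rules in [("source port 80", SRC_PORT_80),
                        ("destination port 80", DST_PORT_80),
                        ("any port", ANY_PORT),
                        ("generic rule first", WRONG_ORDER)]:
        print(f"{name:22} -> {egress_address(rules, *HTTP)}")
    print(f"{'no matching rule':22} -> {egress_address([], *HTTP)}")
```

In this model the rule keyed on source port 80 never matches the server's HTTP traffic, so the packet falls through to the generic rule and leaves from the WAN address; the same happens when the generic rule is listed before the server-specific one.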

