Email issue internal VLAN to LAN host
-
I have a web server on a VLAN. This is on a separate subnet/interface from the LAN. I'm trying to send emails to a LAN email host; web server (VLAN) -> VLAN interface -> WAN Interface -> NAT to LAN -> mail host. I can send emails from the VLAN web server to non-local domains, e.g. Gmail. However, I cannot send emails to my local LAN email server. The LAN email server is a public-facing system (working fine for sending/receiving emails). In the webhost logs I can see that it is trying to connect to the email server correctly (public MX IP and port 25) but the connection just times out. I can ping the WAN IP from the web server successfully.
The NAT setup for port 25 allows all WAN IPs to the mail host. I tried turning off blocking of private and bogon networks to no avail. Packet capture shows nothing. Ideas?
-
@dennis100 said in Email issue internal VLAN to LAN host:
web server (VLAN) -> VLAN interface -> WAN Interface -> NAT to LAN -> mail host.
You mean, the mail server is accessed by its public IP, I guess?
But the traffic will never pass the WAN interface, so the NAT rule is not applied to that traffic. Do you have NAT reflection turned on in the NAT rule, or do you have a DNS override in place for the host name?
-
Thanks for the hint. I didn't realize the traffic wouldn't pass the WAN interface. I'd forgotten that pfSense sort of acts like a router between interfaces by default. I blocked traffic between LAN & VLAN DMZ except for SMTP on the web server and set up a record in my hosts file so email could then be addressed to the mail host directly.
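Added example, not part of the thread and not pfSense code: a simplified model of why a port forward bound to the WAN interface is never matched by traffic arriving from the VLAN, and how NAT reflection or a DNS/hosts override changes the outcome. All addresses, the host name and the interface labels are constructed assumptions, and firewall filter rules are not modelled.

```python
"""Simplified model (constructed, not pfSense code) of interface-bound port forwards."""
from dataclasses import dataclass

# Constructed sample addressing (documentation/private ranges), not from the thread.
WAN_IP = "203.0.113.10"
MAIL_HOST = "192.168.1.25"    # mail server on LAN
WEB_SERVER = "192.168.20.5"   # web server on the VLAN/DMZ (source of the SMTP connection)

@dataclass(frozen=True)
class PortForward:
    interface: str   # interface on which the packet must ARRIVE for the rule to match
    dst_ip: str
    dst_port: int
    target_ip: str

def deliver(rules, in_iface, dst_ip, dst_port):
    """Return the host that finally receives a new connection, or None if it goes nowhere."""
    for r in rules:
        if (r.interface, r.dst_ip, r.dst_port) == (in_iface, dst_ip, dst_port):
            return r.target_ip           # destination rewritten, then routed
    if dst_ip == WAN_IP:
        return None                      # addressed to the firewall itself; never reaches the mail host
    return dst_ip                        # plain routing between internal interfaces

def with_reflection(rules, internal_ifaces):
    """Model NAT reflection: duplicate each WAN forward onto the internal interfaces."""
    extra = [PortForward(i, r.dst_ip, r.dst_port, r.target_ip)
             for r in rules if r.interface == "WAN" for i in internal_ifaces]
    return rules + extra

def resolve(name, overrides, public):
    """Model a DNS override or hosts-file entry: the local record wins over the public one."""
    return overrides.get(name, public[name])

WAN_ONLY = [PortForward("WAN", WAN_IP, 25, MAIL_HOST)]
PUBLIC_DNS = {"mail.example.test": WAN_IP}      # hypothetical host name
LOCAL_OVERRIDE = {"mail.example.test": MAIL_HOST}

if __name__ == "__main__":
    print("from Internet   :", deliver(WAN_ONLY, "WAN", WAN_IP, 25))
    print("from DMZ        :", deliver(WAN_ONLY, "DMZ", WAN_IP, 25))
    reflected = with_reflection(WAN_ONLY, ["DMZ", "LAN"])
    print("DMZ + reflection:", deliver(reflected, "DMZ", WAN_IP, 25))
    ip = resolve("mail.example.test", LOCAL_OVERRIDE, PUBLIC_DNS)
    print("DMZ + override  :", deliver(WAN_ONLY, "DMZ", ip, 25))
```

With the override approach the connection is ordinary inter-VLAN routing, so it still needs a pass rule on the VLAN interface limited to the web server and TCP port 25.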