4. 1:1 NAT - no route to host

1:1 NAT - no route to host

  • X

    hi, i have a mail server behind a pfsense machine at my datacenter doing 1:1 NAt.
    the internal ip of the mail server is 192.168.0.11 with the external ip 66.11.117.178.
    when mail is recieved it resolves the domain
    Oct 27 11:45:09 mail postfix/lmtp[5728]: 97B69130074F: to=reza@rndcomputing.com, relay=none, delay=3, status=deferred (connect to mail.rndcomputing.com[66.11.117.178]: No route to host)

    and uses the external ip, along with the no route to host problem. is there a way to work around this? or should i have internal DNS servers point to the internal ip?/reza@rndcomputing.com

    0
  • H

    natreflection doesn't work for 1:1 nats. If this is only a mailserver and you only need few ports (25,110,…) turn off the 1:1 nat and use a combination of protforward and advanced outbound nat for this and enable nat reflection at system>advanced ( at the very bottom of the page). Other option is to set up split DNS like you suggested.

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy