1:1 NAT - no route to host

  • Hi, I have a mail server behind a pfSense machine at my datacenter doing 1:1 NAT.
    The internal IP of the mail server is with the external IP
    When mail is received it resolves the domain
    Oct 27 11:45:09 mail postfix/lmtp[5728]: 97B69130074F: to=reza@rndcomputing.com, relay=none, delay=3, status=deferred (connect to mail.rndcomputing.com[]: No route to host)

    and uses the external IP, along with the no route to host problem. Is there a way to work around this? Or should I have internal DNS servers point to the internal IP?

  • NAT reflection doesn't work for 1:1 NATs. If this is only a mail server and you only need a few ports (25, 110, …), turn off the 1:1 NAT, use a combination of port forward and advanced outbound NAT for this, and enable NAT reflection at System > Advanced (at the very bottom of the page). The other option is to set up split DNS like you suggested.

