1:1 NAT - no route to host
xibalba last edited by
hi, i have a mail server behind a pfsense machine at my datacenter doing 1:1 NAt.
the internal ip of the mail server is 192.168.0.11 with the external ip 18.104.22.168.
when mail is recieved it resolves the domain
Oct 27 11:45:09 mail postfix/lmtp: 97B69130074F: firstname.lastname@example.org, relay=none, delay=3, status=deferred (connect to mail.rndcomputing.com[22.214.171.124]: No route to host)
and uses the external ip, along with the no route to host problem. is there a way to work around this? or should i have internal DNS servers point to the internal email@example.com
hoba last edited by
natreflection doesn't work for 1:1 nats. If this is only a mailserver and you only need few ports (25,110,…) turn off the 1:1 nat and use a combination of protforward and advanced outbound nat for this and enable nat reflection at system>advanced ( at the very bottom of the page). Other option is to set up split DNS like you suggested.