Help with vips setup
-
hi there!
i need some quick help with the setup i have here plz :)
my setup:
public ips: 1.1.1.1 1.1.1.2 1.1.1.3[internet]–[pfsense] 1.1.1.1 wan
1.1.1.2 vip proxy arp email server (192.168.1.2)
1.1.1.3 vip proxe arp web server (192.168.1.3)everything works but in the header of all my outgoing emails cient-ip and received_from_ip is set to 1.1.1.1 instead of 1.1.1.2.
is it because of nature of the proxy arp vips or something else? would it help if i change proxy arp vips to ip aliase?tnx
-
Just assign 1.1.1.2 vip proxy arp to email server (192.168.1.2)on outbound nat.
-
marcelloc, thanks for your reply!
i added the outbound nat
interface: wan
proto: tcp/udp
source: network, 192.168.3.64/27 (my email server's ip is 192.168.3.65/27) why it wont let me set it to 192.168.3.94/27?
destination: any
translation: 1.1.1.2see attachment
it didn't help thought. this is what i get in the header of outgoing emails
Received: from mail.[mydomail].ca ([1.1.1.1]) by mx.google.com with ESMTPS id f29si3412451anj.58.2012.02.03.08.49.57 (version=TLSv1/SSLv3 cipher=OTHER); Fri, 03 Feb 2012 08:49:57 -0800 (PST) Received-SPF: pass (google.com: domain of [senders email] designates 1.1.1.1 as permitted sender) client-ip=1.1.1.1;where 1.1.1.1 is my wan ip address but it should be 1.1.1.2 for my email server
-
The source is only a host, not a network.
put a /32 on netmask on this outbond nat rule.
-
it didn't help.
-
change your nat to manual :)
-
it worked! thanks man, really appreciate your help, eh. ;D
-
if Automatic outbound NAT rule generation is on is there any way to see what rules were generated?
-
When enabled, everything That pass through firewall will be nated using interface address. Just like the rule created to wan when you selecet outbound.
It's done on pf level, not in gui.