Help with vips setup

  • hi there!
    i need some quick help with the setup i have here plz  :)
    my setup:
    public ips:

    [internet]–[pfsense] wan
                       vip proxy arp email server (
                       vip proxe arp web server  (

    everything works but in the header of all my outgoing emails cient-ip and received_from_ip is set to instead of
    is it because of nature of the proxy arp vips or something else? would it help if i change proxy arp vips to ip aliase?


  • Just assign vip proxy arp to email server ( outbound nat.

  • marcelloc, thanks for your reply!

    i added the outbound nat
    interface: wan
    proto: tcp/udp
    source: network, (my email server's ip is why it wont let me set it to
    destination: any

    see attachment

    it didn't help thought. this is what i get in the header of outgoing emails

    Received: from mail.[mydomail].ca ([])
            by with ESMTPS id f29si3412451anj.58.2012.
            (version=TLSv1/SSLv3 cipher=OTHER);
            Fri, 03 Feb 2012 08:49:57 -0800 (PST)
    Received-SPF: pass ( domain of [senders email] designates as permitted sender) client-ip=;

    where is my wan ip address but it should be for my email server

  • The source is only a host, not a network.

    put a /32 on netmask on this outbond nat rule.

  • it didn't help.

  • change your nat to manual  :)

  • it worked! thanks man, really appreciate your help, eh.  ;D

  • if Automatic outbound NAT rule generation is on is there any way to see what rules were generated?

  • When enabled, everything That pass through firewall will be nated using interface address. Just like the rule created to wan when you selecet outbound.

    It's done on pf level, not in gui.

Log in to reply