4. Help with forcing outgoing smtp 25 to VIP address

Help with forcing outgoing smtp 25 to VIP address

  • G

    Hello,

    i've been attempting to force our email server to use a VIP address for outgoing with no luck.

    here's what i've attempted thus far:

    1. created nat port forwards\rules, outbound nat, from our email server 192.168.10.7 to the VIP address 173.x.x.90.

    no matter how i try to implement it, the 25 traffic still goes through our default wan IP of 173.x.x.89.

    below are our manual outgoing rules for NAT

    Mappings:

    Interface Source         Source Port Destination Destination Port NAT Address NAT Port Static Port Description
    WAN  192.168.10.0/24       *                     *       *               *               *              YES  Auto rule for LAN

    WAN  192.168.10.7/32     tcp/*               *         tcp/25 173.x.x.90               *     NO  ISERVER-OUTGOING-SMTP-7

    any advice or direction would be greatly appreciated.

    0
  • E

    You want to reverse the order of those NAT entries. NAT works on a first-match basis so your email server is hitting that first LAN NAT rule and sending the traffic out your default NAT. If you list that email server NAT rule first, your email server will use it instead (and all other LAN traffic will use your LAN NAT).

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy