Advanced Outbound NAT for SMTP



  • Hello, I am having a newbie issue that I'm hoping I can get some help with.

    I have a pfSense 2.0 firewall with the WAN public IP of x.x.x.60, a virtual IP address of x.x.x.114, and LAN IP of 192.168.1.254.

    I have a network switch and then an Exchange mail server with the LAN IP of 192.168.1.253.

    I have port forwarding to forward SMTP port 25 from the x.x.x.114 to the LAN IP of the Exchange mail server 192.168.253, but as expected, when SMTP email is sent out from the Exchange mail server it goes out the WAN IP of x.x.x.60. I would like to get it to route out the virtual IP of x.x.x.114.

    I have gone into the Firewall > NAT > Outbound and switched from Automatic Outbound NAT to Manual Outbound NAT and then added a manual NAT of:

    Interface  Source            Source Port  Destination  Destination Port  NAT Address  NAT Port  Static Port
    WAN        192.168.1.253/32  TCP *        *            TCP 25            x.x.x.114    25        NO

    But it does not work, it still sends out of the WAN Public IP x.x.x.60

    What am I doing wrong?

    Thank you



  • OK,

    I found my issue.

    I searched all over the pfSense forum most of the night trying to find the solution and right after I posted this I found the answer here:
    http://forum.pfsense.org/index.php/topic,56328.0.html

    I must be getting dumber as I get older, I did not even think of this.

    NAT works on a first-match basis so my email server is hitting that first LAN NAT rule and sending the traffic out your default NAT. When I list that email server NAT rule first, my email server will use it instead.

    Sorry!

    Thank you for making such a great product!
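
The first-match behaviour described in the post above, as an added example that is not part of the original thread or pfSense's own code: a small model of outbound NAT rule evaluation plus a check that flags rules made unreachable by an earlier, broader rule. The rule names, the 192.168.1.0/24 LAN rule, and the 203.0.113.x addresses (stand-ins for x.x.x.60 and x.x.x.114) are assumptions.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class NatRule:
    name: str
    source: str               # CIDR of the internal source
    proto: Optional[str]      # None means any protocol
    dst_port: Optional[int]   # None means any destination port
    nat_address: str          # address the source is translated to

    def matches(self, src_ip, proto, dst_port):
        return (ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.source)
                and self.proto in (None, proto)
                and self.dst_port in (None, dst_port))

    def covers(self, other):
        """True if every flow matching `other` also matches this rule."""
        return (ipaddress.ip_network(other.source).subnet_of(
                    ipaddress.ip_network(self.source))
                and self.proto in (None, other.proto)
                and self.dst_port in (None, other.dst_port))

def translate(rules, src_ip, proto, dst_port):
    """First match wins: return the first matching rule, or None."""
    for rule in rules:
        if rule.matches(src_ip, proto, dst_port):
            return rule
    return None

def shadowed(rules):
    """Return (unreachable_rule, earlier_rule_that_hides_it) name pairs."""
    pairs = []
    for i, later in enumerate(rules):
        for earlier in rules[:i]:
            if earlier.covers(later):
                pairs.append((later.name, earlier.name))
                break
    return pairs

# Constructed sample rules (assumed values, see lead-in).
LAN_DEFAULT = NatRule("lan-default", "192.168.1.0/24", None, None, "203.0.113.60")
MAIL_SMTP = NatRule("mail-smtp", "192.168.1.253/32", "tcp", 25, "203.0.113.114")
BROKEN = [LAN_DEFAULT, MAIL_SMTP]   # mail rule listed after the LAN rule
FIXED = [MAIL_SMTP, LAN_DEFAULT]    # mail rule moved to the top
```

Running `shadowed()` over a rule list before saving it catches this ordering mistake; an empty result means every rule can still be reached.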

