Netgate Discussion Forum

    HELP!!!! Problem w/ Virtual IP's and NAT

    NAT
    • mwalsh

      pfSense 1.01

      I have a group of static IPs

      XXX.XXX.XXX.98/27
      XXX.XXX.XXX.97 (Gateway)

      I have set up individual virtual IPs:

      XXX.XXX.XXX.99/32
      XXX.XXX.XXX.100/32
      XXX.XXX.XXX.101/32
      XXX.XXX.XXX.102/32
      XXX.XXX.XXX.103/32
      XXX.XXX.XXX.104/32

      I need to forward port 25 from .98 thru .100 to 192.168.0.2.

      NAT Port forwarding Settings:

      WAN TCP 25 192.168.0.2 (ext XXX.XXX.XXX.100) 25
      WAN TCP 25 192.168.0.2 (ext XXX.XXX.XXX.98) 25
      WAN TCP 25 192.168.0.2 (ext XXX.XXX.XXX.99) 25

      Firewall:
      TCP * * 192.168.0.2 25 *

      But can't reach the email server (192.168.0.2) from outside… What have I done wrong???

      Thanks,

      Mike

      • dotdash

        You are forwarding multiple publics to the same internal IP? I've never tried that, but I don't think it will work. Does it work if you only forward one public to one internal? If you really need to have SMTP listening on three externals, you might try adding alias IPs on your mail server and forwarding the other publics to the alias IPs. Sounds like the reverse of a failover pool, but I don't think you can configure the failover stuff backwards.

        • mwalsh

          I finally found the answer… I had to set up CARP interfaces for each of the virtual IPs and then the NAT port forwarding worked just fine.

          BTW... I also found that I had to specify the same subnet mask for each CARP interface or it wouldn't work. For example:

          My main interface is XXX.XXX.XXX.98/27

          My CARP interfaces had to be:
          XXX.XXX.XXX.99/27 to XXX.XXX.XXX.104/27

          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.