<![CDATA[Problem with maiserver moved from lan to dmz]]>Hi all

I moved a mailserver from the lan to the dmz and I am having some troubles.

LAN B–------ ipsec -----router-vpn--------LAN A-----------FIREWALL  -----internet
192.168.2/24                    192.168.1.254    192.168.1/24      192.168.1.251  ---- dmz  (192.168.100/24) - mailserver

From the lanA subnet (192.168.1/24) is't all ok
But from the remote lan (192.168.2/24) (connected via an ipsec tunnel between two cisco routers) connections to the mailserver (192.168.100.2) are very slow and clients like imapclients give random errors.
The ipsec tunnel is 192.168.2/24 > any and any > 192.168.2/24
In the firewall there is a static route to 192.168.2/24 via 192.168.1.254
from LANB clients I can do telnet dmz:ports (25-80-143) but I receive answer after some seconds
I test the system with a pass all in the lan and in the dmz

what can I check ?
thanks
Giacomo

]]>https://forum.netgate.com/topic/6641/problem-with-maiserver-moved-from-lan-to-dmzRSS for NodeThu, 18 Jun 2026 14:49:03 GMTThu, 06 Dec 2007 00:42:35 GMT60<![CDATA[Reply to Problem with maiserver moved from lan to dmz on Thu, 06 Dec 2007 15:41:31 GMT]]>@Sylhouette:

did you check the box in system –> advanced -->  Static route filtering, you need to do so.

regards,
Johan

Yes it's checked.

Giacomo

]]>https://forum.netgate.com/post/162848https://forum.netgate.com/post/162848Thu, 06 Dec 2007 15:41:31 GMT<![CDATA[Reply to Problem with maiserver moved from lan to dmz on Thu, 06 Dec 2007 11:15:30 GMT]]>did you check the box in system –> advanced -->  Static route filtering, you need to do so.

regards,
Johan

]]>https://forum.netgate.com/post/162831https://forum.netgate.com/post/162831Thu, 06 Dec 2007 11:15:30 GMT