Sometimes see local IP address when doing port-forwarding



  • Hello,
    Setup is very simple
    smtp-server 1.1.1.85–----1.1.1.4 (LAN) pfSense (WAN) 2.2.2.201 (proxyARP VIP)-----Internet.
                                ----------- (vlan0)
                                ----------- (vlan1)
    We are receiving all smtp connections to 2.2.2.201 at 1.1.1.85 with port-forwarding set up
    rdr on em0 inet proto tcp from any to 2.2.2.201 port = smtp -> 1.1.1.85

    Everything works perfectly but sometimes (fortunately pretty rarely) at smtp-server I receive smtp-traffic from 1.1.1.4!? It seems like pfSense tries to act as a spam-bot. I know it is impossible so some natting occurs with source IP.
    pfSense has three physical interfaces LAN, WAN and one configured with several vlans.
    I have checked all my NAT-rules approximately 42 times. Can not find anything.
    Please any ideas.

    Thanks.



  • Sorry, this is mirroring issue. If you hit 2.2.2.201:25 from any vlan interface then you will have source IP 1.1.1.4 in the packet received at 1.1.1.85.


Log in to reply