Sometimes see local IP address when doing port-forwarding
Setup is very simple
smtp-server 184.108.40.206–----220.127.116.11 (LAN) pfSense (WAN) 18.104.22.168 (proxyARP VIP)-----Internet.
We are receiving all smtp connections to 22.214.171.124 at 126.96.36.199 with port-forwarding set up
rdr on em0 inet proto tcp from any to 188.8.131.52 port = smtp -> 184.108.40.206
Everything works perfectly but sometimes (fortunately pretty rarely) at smtp-server I receive smtp-traffic from 220.127.116.11!? It seems like pfSense tries to act as a spam-bot. I know it is impossible so some natting occurs with source IP.
pfSense has three physical interfaces LAN, WAN and one configured with several vlans.
I have checked all my NAT-rules approximately 42 times. Can not find anything.
Please any ideas.
Sorry, this is mirroring issue. If you hit 18.104.22.168:25 from any vlan interface then you will have source IP 22.214.171.124 in the packet received at 126.96.36.199.