On Mon, Feb 9, 2009 at 5:30 PM, Joel Robison <robisonj...@gmail.com> wrote: > I have done a little experimenting with this over the past few hours (while > dodging IT requests, I am sure most of you are familiar). I setup a VLAN > interface that is off of the LAN interface to put the email server in a DMZ. > I then created a rule that will look for my workstation as a source IP and > the Source PORT of 25 and forward them to the new VLAN subnet/machine on > port 25. > Admitantly, I am a little confused by this, as I had always thought that the > source PORT range would most likely not be the port I was trying to match as > most programs generate a higher port on the client side then establish a > connection to the server. Am I wrong?
Are you referring to the "External port range" in the port forward screen? If so, that's not source port, it's the original destination port. In which case, yes, you want port 25, you happen to also be forwarding it to port 25, but on a different host. If you truly mean the filter rule screen, I'd be willing to bet that the rule isn't matching, but some other rule (maybe a default allow?) is. --Bill --------------------------------------------------------------------- To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
