I created a NAT Rule that forwards all traffic on port 25 from the external ip address of xx.xx.xx.xx to the internal ip address of 10.10.30.xxx on port 25. My problem is that all workstations on the internal network 10.10.30.X connect resolve mail.domain.com to port 25 on the external ip address.
Using a external email client out side the network from a remote client works with out issues. All the clients on the internal network have to be configures to connect to the server directly by using the internal ip addresss for that server in the smtp settings on their client. Any suggestions? Here is my running config file protocols { static { disable: false route 0.0.0.0/0 { next-hop: XX.XX.XX.49 metric: 1 } } } policy { } interfaces { restore: false loopback lo { description: "" address 10.0.0.65 { prefix-length: 32 disable: false } } ethernet eth0 { disable: false discard: false description: "" hw-id: 00:04:23:9f:42:30 duplex: "auto" speed: "auto" address XX.XX.XX.50 { prefix-length: 29 disable: false } address XX.XX.XX.51 { prefix-length: 29 disable: false } } ethernet eth1 { disable: false discard: false description: "" hw-id: 00:04:23:9f:42:31 duplex: "auto" speed: "auto" address 10.10.30.254 { prefix-length: 24 disable: false } } ethernet eth2 { disable: true discard: false description: "" hw-id: 00:0d:61:30:b2:30 duplex: "auto" speed: "auto" } } service { dhcp-server { shared-network-name lan1 { subnet 10.10.30.0/24 { start 10.10.30.1 { stop: 10.10.30.254 } static-mapping btpwrk03 { ip-address: 10.10.30.3 mac-address: 00:06:5B:2C:4A:DD } static-mapping btpwrk02 { ip-address: 10.10.30.2 mac-address: 00:0C:76:9F:62:F1 } static-mapping btpwrk04 { ip-address: 10.10.30.4 mac-address: 00:08:74:f6:06:80 } static-mapping btpwrk05 { ip-address: 10.10.30.5 mac-address: 00:0c:29:0a:89:5b } static-mapping btpwrk01 { ip-address: 10.10.30.1 mac-address: 00:d0:b7:13:ce:de } static-mapping btpsrv01 { ip-address: 10.10.30.240 mac-address: 00:05:8D:F7:77:9D } static-mapping btpweb01 { ip-address: 10.10.30.251 mac-address: 00:0C:29:B2:7F:2D } static-mapping btpweb02 { ip-address: 10.10.30.252 mac-address: 00:0C:29:B2:7F:2D } static-mapping btpwrk00 { ip-address: 10.10.30.100 mac-address: 00:15:C5:45:F2:85 } client-prefix-length: 24 dns-server 65.17.91.254 dns-server 65.16.215.254 default-router: 10.10.30.254 lease: 86400 domain-name: "internal.domain.local" authoritative: "disable" } } } nat { rule 1 { type: "masquerade" outbound-interface: "eth0" source { network: "XX.XX.XX.48/29" } } rule 2 { type: "masquerade" outbound-interface: "eth0" source { network: "10.10.30.0/24" } } rule 3 { type: "masquerade" outbound-interface: "eth0" source { network: "10.10.40.0/24" } } rule 10 { type: "destination" inbound-interface: "eth0" protocols: "tcp" source { network: "0.0.0.0/0" } destination { address: "XX.XX.XX.50" port-number 3390 } inside-address { address: 10.10.30.240 port-number: 3389 } } rule 11 { type: "destination" inbound-interface: "eth0" protocols: "tcp" source { network: "0.0.0.0/0" } destination { address: "XX.XX.XX.50" port-number 3391 } inside-address { address: 10.10.30.251 port-number: 3389 } } rule 52 { type: "destination" inbound-interface: "eth0" protocols: "tcp" source { network: "0.0.0.0/0" } destination { address: "XX.XX.XX.50" port-number 5052 } inside-address { address: 10.10.30.2 port-number: 5900 } } rule 53 { type: "destination" inbound-interface: "eth0" protocols: "tcp" source { network: "0.0.0.0/0" } destination { address: "XX.XX.XX.50" port-number 5053 } inside-address { address: 10.10.30.3 port-number: 5900 } } rule 54 { type: "destination" inbound-interface: "eth0" protocols: "tcp" source { network: "0.0.0.0/0" } destination { address: "XX.XX.XX.50" port-number 5054 } inside-address { address: 10.10.30.4 port-number: 5900 } } rule 55 { type: "destination" inbound-interface: "eth0" protocols: "tcp" source { network: "0.0.0.0/0" } destination { address: "XX.XX.XX.50" port-number 5055 } inside-address { address: 10.10.30.5 port-number: 5900 } } rule 56 { type: "destination" inbound-interface: "eth0" protocols: "tcp" source { network: "0.0.0.0/0" } destination { address: "XX.XX.XX.50" port-number 5056 } inside-address { address: 10.10.30.240 port-number: 5900 } } rule 80 { type: "destination" inbound-interface: "eth0" protocols: "tcp" destination { address: "XX.XX.XX.50" port-number 25 } inside-address { address: 10.10.30.251 port-number: 25 } } rule 81 { type: "destination" inbound-interface: "eth0" protocols: "tcp" source { network: "0.0.0.0/0" } destination { address: "XX.XX.XX.50" port-number 110 } inside-address { address: 10.10.30.251 port-number: 110 } } rule 82 { type: "destination" inbound-interface: "eth0" protocols: "tcp" source { network: "0.0.0.0/0" } destination { address: "XX.XX.XX.50" port-number 995 } inside-address { address: 10.10.30.251 port-number: 995 } } rule 83 { type: "destination" inbound-interface: "eth0" protocols: "tcp" source { network: "0.0.0.0/0" } destination { address: "XX.XX.XX.50" port-number 465 } inside-address { address: 10.10.30.251 port-number: 465 } } rule 84 { type: "destination" inbound-interface: "eth0" protocols: "udp" source { network: "0.0.0.0/0" } destination { address: "XX.XX.XX.50" port-number 25 } inside-address { address: 10.10.30.251 port-number: 25 } } rule 90 { type: "destination" inbound-interface: "eth0" protocols: "tcp" source { network: "0.0.0.0/0" } destination { address: "XX.XX.XX.50" port-number 32000 } inside-address { address: 10.10.30.251 port-number: 32000 } } } ssh { port: 22 protocol-version: "v2" } webgui { http-port: 80 https-port: 443 } } firewall { log-martians: "enable" send-redirects: "disable" receive-redirects: "disable" ip-src-route: "disable" broadcast-ping: "disable" syn-cookies: "enable" } system { host-name: "btpmfg-r1" domain-name: "domain.com" name-server 65.17.91.254 time-zone: "Chicago" ntp-server "69.59.150.135" login { user root { full-name: "" authentication { encrypted-password: "$1$$Ht7gBYnxI1xCdO/JOnodh." } } user vyatta { full-name: "" authentication { encrypted-password: "$1$$Ht7gBYnxI1xCdO/JOnodh." } } } package { auto-sync: 1 repository community { component: "main" url: "http://archive.vyatta.com/vyatta" } } }
_______________________________________________ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users