Packet forwarding breaks connection to a website
I recently installed email gateway to relay emails to our exchange. The SMTP port forwards to the gateway now.
Before, we had a third-party application that was connecting to our exchange to use our SMTP to send out invoices. So I thought to create a NAT to forward only the SMTP traffic from this particular IP address to our exchange server. As soon as I did that the access to the web portal on this IP address stopped responding.
If anyone has an idea I would appreciate your input. Thank you, Juraj.
The device I am working on is Zyxell Zywall USB100
Before, we had a third-party application that was connecting to our exchange to use our SMTP to send out invoices. So I thought to create a NAT to forward only the SMTP traffic from this particular IP address to our exchange server. As soon as I did that the access to the web portal on this IP address stopped responding.
If anyone has an idea I would appreciate your input. Thank you, Juraj.
The device I am working on is Zyxell Zywall USB100
0
All Replies
-
To restrict the particular IP to access SMTP. NAT settings looks no problem .
It is helpful if you can provide the network diagram and mark the IP.
0 -
Hello and thank you for your input. I am not trying to restrict the IP to access the SMTP. I am trying to open the relay to a server that's outside the network.
The communication on port 25 is being forwarded to a mail gateway that relays the traffic to MS exchange. What I was trying to accomplish was to bypass this mail gateway for the traffic from the only IP address the server communicates from.
The rule looks like this:
Thank you.0 -
Hi @cpg_juraj,
Please kindly check you have the latest version (4.72) on your USG.
And create the below NAT rule and restrict the certain "source address" to apply different internal IP address (your MS change)
Please feel free to contact me if still have concern.
Thank you
Kevin0 -
USG100? Is this a zld 3.x device?
0 -
Hello. I am on USG 100 and there isn´t new firmware available. I am on the latest 3.30 unfortunately.0
-
Hi @cpg_juraj,
With new series (ATP/FLEX) . We can restrict the certain source address by different NAT rule.
It may reach your requirement.
Besides,USG100 was End of Life. Please kindly consider replace the product to enjoy the new feature.
Thank you
Kevin0
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 148 Nebula Ideas
- 96 Nebula Status and Incidents
- 5.7K Security
- 262 USG FLEX H Series
- 271 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.4K Consumer Product
- 249 Service & License
- 387 News and Release
- 84 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.5K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 73 Security Highlight