Zywall 110 NAT
Also configured nat - to access the internal mail server.
Jun 11 08:45:31 core0 postfix / smtpd [22638]: connect from zywall [10.103.100.250]
Jun 11 08:45:31 core0 postfix / smtpd [22638]: 7A9A17B4BC: client = zywall [10.103.100.250]
Jun 11 09:17:59 mx1 postfix / smtpd [18197]: connect from mail.sicon.ru [91.214.185.210]
Jun 11 09:17:59 mx1 postfix / smtpd [18197]: 9E1BD124BA5: client = mail.sicon.ru [91.214.185.210]
All Replies
-
Hi @Inoyat
According to your description, the source IP address has replaced as USG LAN interface.
Does USG WAN and LAN are connected the same switch?
Can you describe your topology and traffic direction(From WAN or LAN side)
Can you try to disable “NAT Loopback” function in NAT rule.
And check if the status on server again.
0 -
You likely have made a Routeing rule with Address Translation > Source Network Address Translation set to outgoing-interface change this to none.
0 -
Hi @Inoyat
Did you add policy route rule like:
Source: Any, Destination: Any, Next-Hop: WAN interface, SNAT: WAN Interface
If yes, the reason is because incoming traffic hits the rule and source IP address replaced as interface IP.
You can add a new policy route rule:
Source: any, Destination: ServerIP, Next-Hop:Auto, SNAT: none
Then client source IP will able define as correct.
You can reference to this thread. The scenario and situation should be the same as yours.
0 -
Thanks for all!
0
Categories
- All Categories
- 415 Beta Program
- 2.3K Nebula
- 141 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.5K Security
- 216 USG FLEX H Series
- 262 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1K Wireless
- 39 Wireless Ideas
- 6.3K Consumer Product
- 243 Service & License
- 382 News and Release
- 81 Security Advisories
- 27 Education Center
- 8 [Campaign] Zyxel Network Detective
- 3K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight