Show source IP behind NAT
Dear Friends,
I'm a newbie user of ZyXel USG-200.
I need to reach SMTPs service behind the firewal. Following some guide i setup correctly the NAT service.
Now the SMTPs is are available.
I check the log on SMTPs server and all incoming connections comes from the IP of the firewall
postfix/smtpd[8745]: DDEF012004D: client=unknown[192.168.1.200]
postfix/cleanup[8746]: DDEF012004D: message-id=<CANRN+XAFW50ABRnW7Gcs7fB=0f1gOK7H_smb8a3VTTBqmGQQOQ@mail.gmail.com>
postfix/qmgr[381]: DDEF012004D: from=<*************@gmail.com>, size=3762, nrcpt=1 (queue active)
In this example the IP of google is replaced by the IP of the LAN of firewall (192.162.1.200).
I try to find how to resolve this issue by myself but without success.
WAN2_IP : The public IP of firewall
LAN IP : 192.168.1.200 of firewall
MailCow: IP of mailserver
Can someone help me?
Many thanks
AndreA
I'm a newbie user of ZyXel USG-200.
I need to reach SMTPs service behind the firewal. Following some guide i setup correctly the NAT service.
Now the SMTPs is are available.
I check the log on SMTPs server and all incoming connections comes from the IP of the firewall
postfix/smtpd[8745]: DDEF012004D: client=unknown[192.168.1.200]
postfix/cleanup[8746]: DDEF012004D: message-id=<CANRN+XAFW50ABRnW7Gcs7fB=0f1gOK7H_smb8a3VTTBqmGQQOQ@mail.gmail.com>
postfix/qmgr[381]: DDEF012004D: from=<*************@gmail.com>, size=3762, nrcpt=1 (queue active)
In this example the IP of google is replaced by the IP of the LAN of firewall (192.162.1.200).
I try to find how to resolve this issue by myself but without success.
WAN2_IP : The public IP of firewall
LAN IP : 192.168.1.200 of firewall
MailCow: IP of mailserver
Can someone help me?
Many thanks
AndreA
0
All Replies
-
You must of setup a routing rule for this to happen as is you don't have a routing rule from WAN to LAN SNAT then this would not happen so remove it.0
-
Hi @maruscya
It seems there is a policy route’s next hop be set to lan such as following example.
Can you check that and disable this policy to verify it again?You can refer to this link:Thanks.0
Guru Member
Zyxel Employee
Categories
- All Categories
- 431 Beta Program
- 2.6K Nebula
- 164 Nebula Ideas
- 112 Nebula Status and Incidents
- 6K Security
- 364 USG FLEX H Series
- 292 Security Ideas
- 1.5K Switch
- 78 Switch Ideas
- 1.2K Wireless
- 42 Wireless Ideas
- 6.6K Consumer Product
- 262 Service & License
- 407 News and Release
- 87 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.9K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 83 Security Highlight
