Show source IP behind NAT
Dear Friends,
I'm a newbie user of ZyXel USG-200.
I need to reach SMTPs service behind the firewal. Following some guide i setup correctly the NAT service.
Now the SMTPs is are available.
I check the log on SMTPs server and all incoming connections comes from the IP of the firewall
postfix/smtpd[8745]: DDEF012004D: client=unknown[192.168.1.200]
postfix/cleanup[8746]: DDEF012004D: message-id=<CANRN+XAFW50ABRnW7Gcs7fB=0f1gOK7H_smb8a3VTTBqmGQQOQ@mail.gmail.com>
postfix/qmgr[381]: DDEF012004D: from=<*************@gmail.com>, size=3762, nrcpt=1 (queue active)
In this example the IP of google is replaced by the IP of the LAN of firewall (192.162.1.200).
I try to find how to resolve this issue by myself but without success.
WAN2_IP : The public IP of firewall
LAN IP : 192.168.1.200 of firewall
MailCow: IP of mailserver
Can someone help me?
Many thanks
AndreA
I'm a newbie user of ZyXel USG-200.
I need to reach SMTPs service behind the firewal. Following some guide i setup correctly the NAT service.
Now the SMTPs is are available.
I check the log on SMTPs server and all incoming connections comes from the IP of the firewall
postfix/smtpd[8745]: DDEF012004D: client=unknown[192.168.1.200]
postfix/cleanup[8746]: DDEF012004D: message-id=<CANRN+XAFW50ABRnW7Gcs7fB=0f1gOK7H_smb8a3VTTBqmGQQOQ@mail.gmail.com>
postfix/qmgr[381]: DDEF012004D: from=<*************@gmail.com>, size=3762, nrcpt=1 (queue active)
In this example the IP of google is replaced by the IP of the LAN of firewall (192.162.1.200).
I try to find how to resolve this issue by myself but without success.
WAN2_IP : The public IP of firewall
LAN IP : 192.168.1.200 of firewall
MailCow: IP of mailserver
Can someone help me?
Many thanks
AndreA
0
All Replies
-
You must of setup a routing rule for this to happen as is you don't have a routing rule from WAN to LAN SNAT then this would not happen so remove it.0
-
Hi @maruscya
It seems there is a policy route’s next hop be set to lan such as following example.
Can you check that and disable this policy to verify it again?You can refer to this link:Thanks.Don't miss this great chance to upgrade your Nebula org. for free! https://bit.ly/4g2pS9L
0
Categories
- All Categories
- 414 Beta Program
- 2.3K Nebula
- 132 Nebula Ideas
- 92 Nebula Status and Incidents
- 5.4K Security
- 183 USG FLEX H Series
- 258 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1K Wireless
- 37 Wireless Ideas
- 6.2K Consumer Product
- 237 Service & License
- 374 News and Release
- 79 Security Advisories
- 24 Education Center
- 5 [Campaign] Zyxel Network Detective
- 2.9K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 80 About Community
- 69 Security Highlight