Show source IP behind NAT
Dear Friends,
I'm a newbie user of ZyXel USG-200.
I need to reach SMTPs service behind the firewal. Following some guide i setup correctly the NAT service.
Now the SMTPs is are available.
I check the log on SMTPs server and all incoming connections comes from the IP of the firewall
postfix/smtpd[8745]: DDEF012004D: client=unknown[192.168.1.200]
postfix/cleanup[8746]: DDEF012004D: message-id=<CANRN+XAFW50ABRnW7Gcs7fB=0f1gOK7H_smb8a3VTTBqmGQQOQ@mail.gmail.com>
postfix/qmgr[381]: DDEF012004D: from=<*************@gmail.com>, size=3762, nrcpt=1 (queue active)
In this example the IP of google is replaced by the IP of the LAN of firewall (192.162.1.200).
I try to find how to resolve this issue by myself but without success.
WAN2_IP : The public IP of firewall
LAN IP : 192.168.1.200 of firewall
MailCow: IP of mailserver
Can someone help me?
Many thanks
AndreA
I'm a newbie user of ZyXel USG-200.
I need to reach SMTPs service behind the firewal. Following some guide i setup correctly the NAT service.
Now the SMTPs is are available.
I check the log on SMTPs server and all incoming connections comes from the IP of the firewall
postfix/smtpd[8745]: DDEF012004D: client=unknown[192.168.1.200]
postfix/cleanup[8746]: DDEF012004D: message-id=<CANRN+XAFW50ABRnW7Gcs7fB=0f1gOK7H_smb8a3VTTBqmGQQOQ@mail.gmail.com>
postfix/qmgr[381]: DDEF012004D: from=<*************@gmail.com>, size=3762, nrcpt=1 (queue active)
In this example the IP of google is replaced by the IP of the LAN of firewall (192.162.1.200).
I try to find how to resolve this issue by myself but without success.
WAN2_IP : The public IP of firewall
LAN IP : 192.168.1.200 of firewall
MailCow: IP of mailserver
Can someone help me?
Many thanks
AndreA
0
All Replies
-
You must of setup a routing rule for this to happen as is you don't have a routing rule from WAN to LAN SNAT then this would not happen so remove it.0
-
Hi @maruscya
It seems there is a policy route’s next hop be set to lan such as following example.
Can you check that and disable this policy to verify it again?You can refer to this link:Thanks.See how you've made an impact in Zyxel Community this year!
0
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 151 Nebula Ideas
- 98 Nebula Status and Incidents
- 5.7K Security
- 277 USG FLEX H Series
- 277 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 42 Wireless Ideas
- 6.4K Consumer Product
- 250 Service & License
- 395 News and Release
- 85 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.6K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 75 Security Highlight