Hi, I have the following problem:
There are two networks, 192.168.0.0/24 and 192.168.1.0/24. And we have a mail server running at a public address A.B.C.D, which only accepts mail via port 587 from 192.168.0.0/24.

The 192.168.1 network is attached via VPN to 192.168.0 and would connect to the mail server A.B.C.D via the public internet, which we do not allow for port 587.

Now I'm trying to use a machine in the 192.168.0 net to forward smtp connections from the 192.168.1 net. So I have enabled ipnat on 192.168.0.2 with the following rule (re0 is 192.168.0.2):

    rdr re0 0/0 port 5587 -> A.B.C.D port 587 tcp

Testing the connection with "telnet 192.168.0.2 5587" from 192.168.1.220 immediately terminates with "Connection refused", although it works when doing "telnet A.B.C.D 587" on 192.168.0.2.

ipnat -l shows the active session, though:

    List of active MAP/Redirect filters:
    rdr re0 0/0 port 5587 -> A.B.C.D/32 port 587 tcp

    List of active sessions:
    RDR A.B.C.D 587 <- -> 192.168.0.2 5587 [192.168.1.220 59966]

I guess that "rdr" only works in the same network? When trying to redirect to a machine in the 192.168.0-net, instead of an external IP-address, it connects.

Is there any way to accomplish that? What can I do?

Thanks in advance.

--
Frank Wille