Creata a rule at your DMZ subnet to allow traffic to destination IP INT MTA at destination port 25. Make sure that rule is above your block rules. It's routing between DMZ and LAN by default. Then just send over the Mail to the LAN MTA by using the internal LAN IP 172.16.130.4.
Holger > -----Original Message----- > From: Derrick MacPherson [mailto:[EMAIL PROTECTED] > Sent: Thursday, March 16, 2006 9:40 PM > To: support@pfsense.com > Subject: RE: [pfSense Support] How to setup this static NAT in my DMZ > > > On Thu, 2006-03-16 at 12:49 +0000, Robert Mortimer wrote: > > You can port forward back through a NAT setup > > > > > http://faq.pfsense.org/index.php?action=artikel&cat=10&id=53&a rtlang=en > > > You can 1:1 map DMZ machine addresses to virtual addresses on the WAN > > (see same area of the control panel) > > IF DMZ has no NAT you can just add a rule to the WAN tab of the rules > section I don't think this is quiet what I'm looking for. I already have a number of 1:1 mappings for external addresses to DMZ addresses. What I have is a mail server in the DMZ that currently is setup to send all mail after being scanned to an IP on the DMZ that is routed to an internal mta. Internet / \ DMZ MTA 10.0.0.4 INT. MTA 172.16.130.4 1:1 NAT only lets me set on the DMZ or WAN interface, and I believe it would need to be on the LAN. so my goal here is the DMZ MTA sends the scanned mail to 10.0.0.200 that ends up and the INT. MTA. What do I need to do? Thanks --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] ____________ Virus checked by G DATA AntiVirusKit --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
