[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

pen / pf binat compatibility



Hi there,

I seem to have hit a wall and i'm wondering if anyone has any ideas on how I could go about getting around it.

(I'm using 3.5)

Here's what's going on:

pf.conf -snip-:
binat on EXTIF from 10.0.0.15 -> 60.0.0.15

If I bind pen to tcp/25 on 60.0.0.15, all connections are refused. Disabling binat will fix this, but I need all messages (sending from 10.0.0.15) coming from my 'firewalled' mailserver to appear to come from 60.0.0.15.

Anyone know of any pf tricks for this kinda thing? I've thought of just making 60.0.0.15 EXTIF on the fw, but i want to run multiple mail servers, and most importantly, i can't use CARP or VRRP if I go with that solution.

ANY advice appreciated...



Visit your host, monkey.org