Channel: Sophos User Bulletin Board

(S)NAT from DMZ to WAN + Masquerading priority

As I get a bit confused with the (S)NAT settings on the ASG, what would be the correct way to build a rule for SNAT from a DMZ Mail Server (DMZ1) to IP WAN2, so that only SMTP traffic to WAN will be (S)NATed? Traffic to LAN and other interfaces should be untouched.

Will this rule do:
Traffic source: DMZ1
Traffic Service: SMTP
Traffic Dest: ANY (<- unsure if ANY here will do or what would be correct)
NAT mode: SNAT
Source: WAN2

As a second question: What priority does the ASG use for masquerading and NAT rules? I want all traffic leaving the ASG through the WAN interface to be masqueraded to the primary WAN address, no matter if the traffic is coming from LAN or DMZ, but exclude some servers that will be covered by SNAT using corresponding rules. Will a SNAT rule override such a general masquerading rule?:
ANY -> WAN
use primary address

Martin
