I am relatively new to Astaro and so far I like what I see. I am used to Cisco and Checkpoint at the office and IPCOp/Smoothwall at home. My smoothwall died last night in a lightning strike. Alas, she was a good firewall for over 5 years. I decided to make the switch to the VM Astaro appliance. Many of the features are there. However, the address translation rules are a bit confusing for someone who, well, knows what they are doing with firewalls. Here is my scenario....
I have 5 public IP's from my provider. I have added them individually to the Interface --> additional Addresses section. I have defined my internal mail server on setup. The default public IP address, the initial one, it's IP address ends in 209. My MX record ends in 210. How do I get the Astaro to listen for port 25 traffic on 210 and do its fancy spam filtering? I also need all OUTGOING SMTP traffic to also go out on 210, not the default of 209. Where do I go to configure this? It is relatively urgent as I have customers who are unable to send or receive email. Also, I need to create rules for web (80 and 443) to go to that server for webmail. I have gone to Network Security --> DNAT/SNAT and tried to create rules there for allowing incoming port 25 and port 80/443 traffic. However, it is not allowed.
Full NAT [] Pluto
Traffic selector: Any → SMTP → External (WAN) [***.***.***.213] (Network)
Source translation: SMTP
Destination translation: Internal mail server SMTP
Automatic packet filter rule:
Initial packets are logged:
DNAT []
Traffic selector: Any → HTTP → External (WAN) [***.***.***.213] (Address)
Destination translation: Internal mail server HTTP
This thread was automatically locked due to age.
