Outbound email traffic is using the public IP assigned to FW external interface

Reply
Not applicable

Outbound email traffic is using the public IP assigned to FW external interface

Hi,

New user of PA Firewall here. I noticed that when we send out emails, the recipient is seeing that the email comes from the public IP which is assigned to the external interface of our PA firewall. Before moving to PA, we can see the public IP NATed to our email server. Is there any configuration we missed? Or is this how it should be?

Appreciate your help. Thanks!

L4 Transporter

Hi, were you using Check Point automatic NAT previously?

I've seen a couple of similar issues before - these were resolved by inserting an additional NAT rule just before the NAT rule that is catching your outbound SMTP traffic at the moment.  The new NAT rule can then translate just your outbound email server traffic to have the the required source address.

Regards,

Dave

Not applicable

Hi Dave,

Thanks for your reply.

Previously we were using Watchguard. I am a bit confused with your recommendation (insert a NAT rule before the Mail Server NAT). What would be the rule's content? Sorry for the bummer question...

Not applicable

Hello,

Source IP: YourMailServer

DestinationIP: Any

Source Translation

IP Type: ip-static

Translated address : PublicIPAddressYouWant

Bidirectional: yes

Destination translation: none

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!