MikroTik

Hi, I want to forward the traffic from my LAN to the MK on port 25 to a local IP :
I've been try to do the following using the DST-NAT chain using something like :
But with no success. Any ideas ???

BTW: I need this rule because the mail server used to be the same as the firewall (Linux Box) and there're about 30 pc with that configuration.

Are you using a rule for NAT masquerade?

Yes I have a global masquerade rule :

in the masquerade rule, in this case is not necessary to specify src address, just masquerade the out interface so:

Ok, I've changed that but still no joy.

What if you try to put your mail server in other network? like 172.16.1.5 in other port and network of your mikrotik router.

maybe as this rule is not passing the router, is not changing the dst address.

If I understand it correctly, the MailServer is on LAN1, just like the other computers? Then - add another masquarading rule: Does it work now?

If it is the case, computer with 192.168.0.1 sends a packet to 192.168.0.10 (MikroTik), which redirects the packet (leaving the source address = .1) to .2 server on the same interface. The server gets the packet with src-address=.1, and sends the response straight to the computer in the same subnet, not through MikroTik. So client starts connection with 192.168.0.10, but receives response (ACK) from 192.168.0.2 . That's why the NAT rule for dst-address=192.168.0.2 should be created, so that MailServer would send the return packets also through the MikroTik.

Ok, using both rules maked it work. Thanks.

this was useful for me and worked fine.. thank u