> In pfsense this will work with NAT:port froward and select LAN,
> and Redirect IP and port.
> I do not want to switch to pfsense. I would like to find how this can
> done in monowall.
after thinking about it a little bit longer, I fear that this is not
possible with m0n0wall.
You might consider to deplay an additional pfSense installation which
which has the only purpose of doing the port redirection. It could be
deployed as a virtual machine (on the free VMWare Server, for example).
The WAN adapter would be configured as DHCP (receiving a dynamic LAN IP
address and using the main m0n0wall as default gateway), LAN would
receive a static LAN IP address. In order to redirect all traffic for
the external IP address [* A.B.C.D*], a DNS override can be configured
on the m0n0wall (target would be pfSense LAN address). Obviously, this
requires that all application which want to talk to the external IP
address [* A.B.C.D*] must not use the IP address, but the (fake) DNS
name. Alternatively, the applications use the pfSense LAN IP address
instead of the external target address. All traffic for this hostname
will then get routed through pfSense, which can do it's "magic" before
passing the trafiic out of it's WAN interface back to the m0n0wall (now
with the changed port - and the correct external IP address [*
Yup, this is a bit messy. I don't know about your environment. If you
have a server in your LAN running 24/7, the VM might be a solution.
"Port 25" sounds suspiciously like SMTP. If we're really talking about
SMTP: don't the mail clients offer an option to change the SMTP port?
AFAIR, there are also some SMTP proxies which allow alternative ports
for outgoing SMTP traffic. Of course, this will again require a server
and approriate client configurion.
Or could "SMTP over SSL" be a solution?
Best regards, Klaus
> On Sun, Jan 13, 2013 at 4:18 PM, Klaus Stock
> <ks at stock dash consulting dot com>wrote:
>> > In my LAN network if any host send anything to a *particular
>> External IP
>> > Address*[* A.B.C.D*] and *port 25 *=> I have to send to the Same
>> IP and
>> > Different port out [* A.B.C.D*] and *port 26*
>> > I could not find any place to make this port rewrite for the
>> > network.
>> I've seen a similar thing (ip address change instead of port change)
>> on a similar platform (pfSense instead of m0n0wall).
>> I suppose that port redirection would work about as well the same as
>> ip address redirection. But I don't know if it'll work with
>> While pfSense is a m0n0wall fork, it used (AFAIR) pf instead of
>> iptables, so it might not work. However, if your hardware is
>> enough (and you're not afraid about being overwhelmed by the
>> number of function in pfSense), you might consider a migration to
>> pfSense, if this solves you problem.
>> Okay, here's the tutorial I stumbled upon last week:
>> No, i didn't try it myself - I was looking for something totally
>> different. However, I read the article anyway, just out of some sort
>> of, um, "geeky fascination".
>> Best regards, Klaus