NS 25 Mail, Telnet

[McAtti]

We use a NS25. It works well except the mail.
I have:
...
set interface ethernet3 ip xxx.111.4.14/30
set interface ethernet3 route
...
set policy id 10 name "Levelezés kifelé (NAT)" from "Trust" to "Untrust" "Any" "Any" "MAIL" nat src permit log count
set interface ethernet3 vip untrust 25 "MAIL" 10.56.114.52
...
set policy id 22 name "LevelezesGlobal" from "Untrust" to "Global" "Any" "VIP(ethernet3)" "MAIL" permit log count
...

The port 25 seems closed I cannot telnet to it. (To port 80 it works.)
When I try from outside I found in the log at the policies:
2004-09-16 12:50:53 193.6.27.63:2505 195.111.4.14:25 193.6.27.63:2505 10.56.114.52:25 SMTP (TCP) 22 sec. 78 0
2004-09-16 12:50:33 193.6.27.63:2874 195.111.4.14:25 193.6.27.63:2874 10.56.114.52:25 SMTP (TCP) 21 sec. 234

What am I set up incorrectly?

Thanks!

Attila

 

[icg]

1st thing to check, on you mail server is the gateway set to the trust IP. In other words is the path out the same as your web server?

If you notice in the log, you are net getting a return response, but it does look like it is translating the ports correctly.

Also check the advanced tab on the policy, make sure the
NAT Destination Translation Translate to IP is set to 10.56.114.52

Regards,