Route traffic Green -> Red -> (NAT) Green?

Here’s my setup:

IMAP server on Green:

My external Red IP’s FQDN is “”, for example.

I have a firewall rule to allow traffic destined for port 993 to be NATed to port 993.

My email client on my laptop is configured to connect to “” port 993 for IMAP.

When I’m outside of my network (i.e. coming from the public internet), my email client has no problem reaching the IMAP server on

When I’m inside of my network (i.e. laptop on Green), my email client cannot reach the IMAP server.

In both cases (laptop is external, laptop is internal), the FQDN resolves to, as expected.

What do I need to do for traffic from Green, destined for port 993, to be correctly forwarded back into Green port 993?


Good morning and happy day @r33p!!!

Ok, your router does not know how to get to directly but to the WAN IP of IPFire. You must create a “DMZ Host” in the router to redirect all requests to your Public IP to the IPFire WAN interface. I, for example, have it configured like this on my router:

Next, you must create a rule to publish the Service to the Internet from the IPFire Firewall:

The best explained rule:

In “Source” you can put “Standard networks: ANY” or if you want only from one country, the one you want (as I have it) or you can also create a group of countries.

Obviously you will have to activate it (I don’t use it and that’s why I have it deactivated). The Log is optional.

Try it and tell Us something.

Best regards.

Hola Roberto!

Thanks for your reply. It forced me to take a closer look at my firewall rules, and I realized that I had set the Source to Red instead of Any. After fixing that, I can now access my IMAP server using my external IP address from both inside and outside of my network. Problem solved!


1 Like