Maybe this is not the right topic, as I am a bit confused with terms like access rules, filter exceptions, proxes...

I`d like to allow external groupwise users to access the postoffice on port 1677.


Server1, NW 6.5 SP7, 2 NIC, with public and private IP addresses. BM 3.9
Server2, NW 6.5 SP7, 1 NIC, with private IP, GW 8

I made lots of research on the last couple of days, but I haven`t found my solution. I know that there should be a filter exception on the BM server (using filtcfg), which is done. So as far as I know port 1677 is not blocked anymore. (Can`t see on the blocked packets if using debug output). But what I am not able to put together is how the incoming packets will be forwarded to Server2.
Is it handled by the way we define the filter exception?
Do I need a Generic Proxy for this? (If yes, where to configure it? iManager?)
I saw that it is possible with static NAT entries, isn`t it?

my filter exception on the BM server looks like this:
source iface: public
dest iface: private

packet type:
src port: all
dest port: 1677

src addr: any
dest addr: <IP of Server2>