Hello all,

I'm configuring NAT on a BM3.8 server with 5 interfaces. Most thing work
very well, hovever there is a NAT problem which seems like a bug to me.
Status:

One public interface (I.I.I.2) goes to internet, with static an dynamic NAT
One public interface (E.E.E.68) goes to an eterprise network with static an
dynamic NAT
One private interface (P.P.P.68) goes to my internal LAN
(the other interfaces are irrelevant, basically a DMZ and another enterprise
net)

Now, any internal host (P.P.P.?) can reach everything on the internet, and
everything on the enterprise net because it gets dynamically NAT'ed to the
respective bmserver's public addresses. All well and Good.
However, if this host is given a static mapping on the internet interface,
it no longer reaches the enterprise net on its dynamic mapping address
(internet is still OK). doing a "tcp ip debug=1" while trying telnet to an
address which should be reachable through the enterprise (X.X.X.2) gives me
this (sorry for the fake the addresses):


RECEIVE:pktid:40184 P.P.P.91->X.X.X.2 ttl:128 (TCP)
TCP:SYN Source Port:4591, Dest Port:23 Sequence No.:4225875427 Ack No:0
Window:6
5535 UrgPtr:0
FORWARD:pktid:40184 I.I.I.12->X.X.X.2 ttl:127 (TCP)
TCP:SYN Source Port:4591, Dest Port:23 Sequence No.:4225875427 Ack No:0
Window:6
5535 UrgPtr:0

The I.I.I.12 address in this log is the static address mapping defined for
the internet for this particular host. That is, it seems the packet is
NAT'en with its static *internet* mapping as source address when it of
course should be NAT'ed with its dynamic *enterprise* address as source
address. Hence, the routing of course can't work.

All other hosts (without static internet mappings) have no problem.

What to to? Any ideas, please? Although this is BM3.8 I know the same
problem applies to older BM versions too. Kind of hoped this was fixed in
3.8 but..... All suggestions are welcome!