I've got a customer operating a watchguard FW, we are going to replace this one with a MX84 soon.
On the current FW config there is 2 set of public IPs configured on the WAN interface : 1 for the interface itself /30 and 4 as alias IPs /29..
WAN interface mx ip: 10.1.1.2/30
public alias IP : 18.104.22.168/29
mx lan ip (vlan 10): 192.168.1.1/24
mail server ip: 192.168.1.1/24
Each IP is reachable from outside. My customer asks if it's possible if they want to do NAT
for their email, which is currently running on watchguard outgoing using ip alias 22.214.171.124/29 and in incoming is using 126.96.36.199/29. For incoming/inbound yes we can do NAT 1:1 or 1:many. how about outgoing is there any other way i can configure for outgoing using alias ip 188.8.131.52 instead of outgoing using wan interface ip: 10.1.1.2/30?
The MX has a different concept for the usage of the additional IPs on the external interfaces. You do not configure any aliases, but the moment where a 1:1 NAT exists, this IP is also used for outgoing communication.
In the Firewall-section of the MX you need an 1:1 entry:
Public IP: 184.108.40.206
LAN IP: 192.168.1.1
If i configure both ip 1:Many NAT so inbound port forwoding is using 220.127.116.11 for SMTP and another ip 18.104.22.168 inbound 1:many NAT for pop3 and port forwarding to same server, is it means outgoing packet using ip 22.214.171.124 or 126.96.36.199?
Outgoing traffic is not controlled by these 1:Many rules. The outgoing traffic would still use the interface IP of the MX.