02-14-2013 06:14 AM - edited 03-11-2019 06:00 PM
Hi Everyone,
I'm having a big issue with NAT on my 3925 router.
Currently I have 4 interfaces (Internet, LAN, DMZ & Wi-Fi, which is isolated except for a few exceptions) on my router, which is set up using zone pairs:
Internet -> LAN, Internet -> DMZ, Internet -> Wi-Fi
LAN -> Internet, LAN -> DMZ, LAN -> Wi-Fi
DMZ -> Internet, DMZ -> LAN, DMZ -> Wi-Fi
Wi-Fi -> Internet, Wi-Fi -> LAN, Wi-Fi -> DMZ
NAT is set up to translate some external IP addresses to internal IP addresses in both our LAN and DMZ, basically the image below,
and all seems to work. However, the issue arises when I use a laptop/device in the Wi-Fi network to access a server in the LAN or DMZ by accessing its external IP address, i.e. Wi-Fi laptop IP 172.16.10.10 trying to access 150.148.130.52. The device is unable to access it, but if an external user tries to access 150.148.130.52 they are able to.
I think the issue is maybe due to the NAT/ZBFW rules maybe trying to access across the Wi-Fi -> DMZ zone pair rules instead of going Wi-Fi -> Internet, then Internet -> DMZ and back, but it just seems to drop the traffic?
Has anyone come across this issue before? I'm sure you must be able to do this, as people access their webmail fine on internal and external networks without the need for DNS translations.
Can anyone help?
02-18-2013 03:40 AM
Anyone able to help with this?
02-18-2013 10:24 AM
Please post your config, or at least:
show run | sec zone
show run | sec policy-map
show run | sec ip nat
show ip nat translations
I suspect it is a NAT issue.
Mashal