I have 2 LAN subnets (let's call them LAN1 and LAN2) which each have a static route directing their traffic over a separate internet line (let's call them WAN1 and WAN2). This is intended to keep the public WiFi users from interfering with our internal corporate network.
There are also some services accessed via WAN1, which is achieved by a NAT loopback rule internally. Herein lies the problem...
Let's say a corporate user connects their iPhone to the WiFi (which puts them on LAN2 and gives them Internet access on WAN2), and wants to get their corporate email via ActiveSync. They type in outlook.company.com as the server, it loops back to the WAN1 IP, and... fail. They can only access WAN2 due to the aforementioned route. What is the proper configuration for a route that will allow LAN2 to access WAN1 only in the case of loopbacking?
Edit: Here are the routes and NAT entries that are relevant...
Routes:

Source   Dest   Gateway              Interface
LAN1     Any    X1 Default Gateway   X1
LAN2     Any    X2 Default Gateway   X2
NAT:

Source Orig.         Source Trans.      Dest. Orig.        Dest. Trans.          Note
Firewalled Subnets   WAN Interface IP   WAN Interface IP   mail server on LAN1   for NAT loopback
Any                  Original           WAN Interface IP   mail server on LAN1   normal NAT from the outside