If you're using a Raptor (Symantec Enterprise) Firewall, it's obviously a bad idea to configure redirects that have a client IP as source, as the firewall will try to do proxy arp for addresses that have redirects (wanted to redirect transparent connections to an arbitrary port on a server instead of the original destination port). Together with client transparency NAT rules, different things will fall over, but not immediately:
Such a combination of redirect and NAT rule can be configured just fine, but after a reboot, an error like the following may pop up:
kernel: 457 ProxyArp Error: A host with address 172.16.3.40 (MAC 00:00:de:ad:be:ef) is active on interface 172.16.3.254 — this address is in use for proxy arp/NAT
...with the side effect that rechability of hosts on the corresponding interface is quite flaky.
So: Don't do it :)
Such a combination of redirect and NAT rule can be configured just fine, but after a reboot, an error like the following may pop up:
kernel: 457 ProxyArp Error: A host with address 172.16.3.40 (MAC 00:00:de:ad:be:ef) is active on interface 172.16.3.254 — this address is in use for proxy arp/NAT
...with the side effect that rechability of hosts on the corresponding interface is quite flaky.
So: Don't do it :)