RE: [m0n0wall] Ok, re-iped firewall and still no luck to new email server

From:	"James W. McKeand" <james at mckeand dot biz>
To:	"'Monowall \(E-mail\)'" <m0n0wall at lists dot m0n0 dot ch>
Subject:	RE: [m0n0wall] Ok, re-iped firewall and still no luck to new email server
Date:	Tue, 28 Dec 2004 16:35:54 -0500

Zadikem, Travis-taz wrote:
> Ok,
>   I re-iped my firewall to 64.207.38.5
> I also have the following aliases
> 
> mail  64.207.38.4
> web  64.207.38.2
> webmail  64.207.38.2  Used for webmail

Aliases may not be what you think. The aliases in m0n0wall are
shortcuts to IP addresses. With the aliases you have above, you can
use the short names (mail, web, webmail) in blue fields when creating
inbound NAT and firewall rules. (Firewall rules in your case as they
are public addresses)

Create aliases of your internal IPs like:
WebMail 192.168.1.160
Mail 192.168.1.55

Then you can create your inbound NATs:
Interface:  WAN
External address:  64.207.38.2 (picked from drop down)
Protocol:  TCP
External port range  from:  SMTP  
                       to:  SMTP
NAT IP: WebMail (blue field = you can use alias)   
Local port:  SMTP
Description: SMTP to WebMail
Check "Auto-add a firewall rule to permit traffic through this NAT
rule"

Interface:  WAN
External address:  64.207.38.4 (picked from drop down)
Protocol:  TCP
External port range  from:  SMTP  
                       to:  SMTP
NAT IP: Mail (blue field = you can use alias)   
Local port:  SMTP
Description: SMTP to Mail
Check "Auto-add a firewall rule to permit traffic through this NAT
rule"

> and the following Server NAT Rules:
> 64.207.38.2  Exchange Mail
> 64.207.38.4  Web Mail (Scalix)
> 66.180.96.1

What is the 66.180.96.1 for?

Can you telnet to both .55 and .160 on port 25 from the inside? i.e.
Is the server at both .55 and .160 listening on port 25? Is the SMTP
service running on both servers? (I know these are stupid questions,
but stupid question have helped me in the past...) 

_________________________________
James W. McKeand