Carlos,

It sounds like you might be running up against one of monowall's limitations: accessing NAT'd services from their public IP. You can get around this by modifying your DNS or using a static mail transport entry.

Let's say you have 64.10.10.15 NAT'd to mailserver1 at 192.168.10.1, and 64.10.10.15 NAT'd to mailserver2 at 192.168.10.2. Now, if users on mailserver1 want to send a message to a user on mailserver2, mailserver1 will do a DNS query to find the appropriate MX record for mailserver2, and come back with 64.10.10.15. While this is correct if you are coming from the outside, you cannot connect to mailserver2 using its public IP (64.10.10.15) from the LAN segment. You need to connect to it using its LAN IP, 192.168.10.2.

So, the two solutions are:

1 - Use a DNS forwarder, which monowall has built in, so that DNS queries from the LAN get 192.168.10.2 back as the MX record instead of 64.10.10.15.

2 - Put some sort of static entry on your mailservers. For example, tell mailserver1 that if it needs to reach mailserver2, that it needs to do so at 192.168.10.2 and not whatever the DNS server is telling it.

Regards,
Josh Simoneau

PS - Sorry if this is a double post, gremlins

-----Original Message-----
From: carlos dot rosario at netcabo dot pt [mailto:carlos dot rosario at netcabo dot pt]
Sent: Wednesday, March 23, 2005 1:01 PM
To: m0n0wall at lists dot m0n0 dot ch
Subject: [m0n0wall] Two Mail Servers with 2 Public IP's

Hi all,

I have 2 mail servers in an ADSL Link with 2 public IP addresses serving email to 2 different domains. I've configured 1 public IP in Server NAT and an SMTP rule in NAT for mail to be delivered to the mail server of domain A. For the other public IP, I've configured an SMTP NAT rule for mail to be delivered to the mail server of domain B.

All inbound and outbound mail delivery works, except when a user of domain A sends e-mail to a user of domain B, or vice-versa, mail isn't delivered.

I think this has something to do with accessing NATed Services from the LAN segment, I'm not sure. Is there a workaround to solve this? I'm using m0n0 1.2b3.

Thanks in advance,
Carlos Rosário