What is your monowall IP set to on the DMZ interface. I am having a hard
time understanding because things are different between the first and
last post. In the first post it looks like you have your DMZ interface
set to 192.168.3.253 and in the last post its set to 192.168.3.1. Either
way does the default gateway in your mail server match the DMZ interface
IP address?

Jonathan


spamcop at ok dot ru wrote:
> I think i've found problem, but i've not to know how to solve it.
> If you do have any ideas, please let me know.
> 
> $ netstat -nr
> Routing tables
> 
> Internet:
> Destination        Gateway            Flags    Refs     Use  Netif Expire
> default            111.111.111.65     UGSc        2       0    sk0
> 127.0.0.1          127.0.0.1          UH          0       0    lo0
> 172.16.1/24        link#1             UC          0       0    rl0
> 192.168.3          link#3             UC          1       0   fxp0
> 192.168.3.1        xx:xx:xx:xx:xx:xx  UHLW        0       1   fxp0   1184
> 111.111.111.64/28  link#2             UC          1       0    sk0
> 111.111.111.65     xx:xx:xx:xx:xx:xx  UHLW        3       0    sk0   1179
> 
> $ route get -host 192.168.3.4
>    route to: 192.168.3.4
> destination: 192.168.3.0
>        mask: 255.255.255.0
>   interface: fxp0
>       flags: <UP,DONE,CLONING>
>  recvpipe  sendpipe  ssthresh  rtt,msec    rttvar hopcount      mtu    
> expire
>        0         0         0         0         0        0     
> 1500       -47
> $ telnet 111.111.111.72 25
> Trying 111.111.111.72...
> telnet: connect to address 111.111.111.72: Connection refused
> 
> $ route get -host 192.168.3.4
>    route to: 192.168.3.4
> destination: 192.168.3.4
>   interface: fxp0
>       flags: <UP,HOST,DONE,LLINFO,WASCLONED>
>  recvpipe  sendpipe  ssthresh  rtt,msec    rttvar hopcount      mtu    
> expire
>        0         0         0         0         0        0      1500     
> 1194
> 
> Alexander,
> 
> On Sun, 22 Jan 2006 12:39:44 +0300
>  <spamcop at ok dot ru> wrote:
> 
>> We're attempt to add multiple IP on WAN to the m0n0wall and allow
>> traffic to Mail server placed in DMZ.
>> In our previous post i've shown what we've made.
>>
>> Externally we're can't telnet to port 25 of 111.111.111.72
>>
>> $ telnet 111.111.111.72 25
>> Trying 111.111.111.72...
>> telnet: connect to address 111.111.111.72: Connection refused
>>
>> Diagnostics: Logs: Firewall:
>> Act: accept, Time: 12:33:50.512685, If: WAN, Source:
>> 85.21.108.189,port 4561, Destination: 192.168.3.4,port 25, Proto: TCP
>>
>> Alexander,
>>
>>
>> On Sat, 21 Jan 2006 17:53:49 -0500
>>  Chris Buechler <cbuechler at gmail dot com> wrote:
>>
>>> On 1/21/06, spamcop at ok dot ru <spamcop at ok dot ru> wrote:
>>>
>>>>
>>>> Can some one help please, what's wrong?
>>>>
>>>
>>>
>>> Either I really missed something, or you need to tell us what's wrong
>>> first.  What do you want to accomplish, what isn't working, etc.  Then
>>> maybe we can tell you how to fix it.  :)
>>>
>>> -Chris
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>>> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>>>
>>
>> ---
>> Professional hosting for everyone - http://www.host.ru
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>>
> 
> ---
> Professional hosting for everyone - http://www.host.ru
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>