[ previous ] [ next ] [ threads ]
 
 From:  "Quark IT - Hilton Travis" <Hilton at quarkit dot com dot au>
 To:  "Brett Woodruff" <brett at skyways dot us>, <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] WAN IP service bounce/Nat to another external IP..
 Date:  Mon, 6 Mar 2006 07:42:37 +1000 
Hi Brett,

> -----Original Message-----
> From: Brett Woodruff [mailto:brett at skyways dot us] 
> Sent: Monday, 27 February 2006 21:16
> 
> Here is a little problem I'm running into.  It'll take a 
> little space to explain it...  I want to run a Mail 
> server at "site A", but my ISP blocks SMTP port 25. But 
> at another location I have the ISP doesn't block port 25
> (site B). I don't want to move the server to (site B) 
> because I want to keep all my servers in one place, and 
> as close to me as possible.(my Garage/Shop), for easy/fast 
> repair if needed. What I'm wanting/trying to do is somehow 
> like NAT when a service is requested from (site B) via 
> port 25 it is forwarded to another public IP from a 
> totally different IP block, say via port 111.  like so :
> 
>  
> 
> Smtp request-->             Site B : 25 -->                
> Forwarded to Site
> A :111 -->        Nat'd to internal Network via port 25
> 
>  
> 
> Both site use M0n0wall 1.2b as their firewall/router and are 
> physically
> located about 36miles apart. And have two totally different access
> providers.
> 
> Now I know I can just change the port number that SMTP 
> operates either at
> the NAT level or server level, but I have about 120 customers 
> that currently
> use port 25 and I would be pulling my hair out if I had to 
> talk to each one
> of these people on the phone and walk them through changing 
> the SMTP port.
> Not very many of my clients are computer literate.

The port block at the ISP will happen before the traffic gets to you
(hence why the ISP can block it) and therefore you have no way of
circumventing this with a rule as the traffic doesn't make it to your
rule.

Not to mention that attempting to circumvent conditions your ISP places
on you will likely result in them terminating that connection/account,
sometimes without warning (as you agreed in the acceptance of their
T&Cs).

--

Regards,

Hilton Travis                          Phone: +61 (0)7 3344 3889
(Brisbane, Australia)                  Phone: +61 (0)419 792 394
Manager, Quark IT                      http://www.quarkit.com.au
         Quark AudioVisual             http://www.quarkav.net

http://www.threatcode.com/ <-- its now time to shame poor coders 
into writing code that is acceptable for use on today's networks

War doesn't determine who is right.  War determines who is left.

This document and any attachments are for the intended recipient 
  only.  It may contain confidential, privileged or copyright 
     material which must not be disclosed or distributed.

                    Quark Group Pty. Ltd.
      T/A Quark Automation, Quark AudioVisual, Quark IT