RE: [m0n0wall] WAN IP service bounce/Nat to another external IP..

From:	eric at austinconventioncenter dot com
To:	m0n0wall at lists dot m0n0 dot ch
Subject:	RE: [m0n0wall] WAN IP service bounce/Nat to another external IP..
Date:	Sun, 5 Mar 2006 18:01:55 -0600 (CST)
> Hi Brett,
>
>> -----Original Message-----
>> From: Brett Woodruff [mailto:brett at skyways dot us]
>> Sent: Monday, 27 February 2006 21:16
>>
>> Here is a little problem I'm running into.  It'll take a
>> little space to explain it...  I want to run a Mail
>> server at "site A", but my ISP blocks SMTP port 25. But
>> at another location I have the ISP doesn't block port 25
>> (site B). I don't want to move the server to (site B)
>> because I want to keep all my servers in one place, and
>> as close to me as possible.(my Garage/Shop), for easy/fast
>> repair if needed. What I'm wanting/trying to do is somehow
>> like NAT when a service is requested from (site B) via
>> port 25 it is forwarded to another public IP from a
>> totally different IP block, say via port 111.  like so :
>>
>>
>>
>> Smtp request-->             Site B : 25 -->
>> Forwarded to Site
>> A :111 -->        Nat'd to internal Network via port 25
>>
>>
>>
>> Both site use M0n0wall 1.2b as their firewall/router and are
>> physically
>> located about 36miles apart. And have two totally different access
>> providers.
>>
>> Now I know I can just change the port number that SMTP
>> operates either at
>> the NAT level or server level, but I have about 120 customers
>> that currently
>> use port 25 and I would be pulling my hair out if I had to
>> talk to each one
>> of these people on the phone and walk them through changing
>> the SMTP port.
>> Not very many of my clients are computer literate.
>
> The port block at the ISP will happen before the traffic gets to you
> (hence why the ISP can block it) and therefore you have no way of
> circumventing this with a rule as the traffic doesn't make it to your
> rule.
>
> Not to mention that attempting to circumvent conditions your ISP places
> on you will likely result in them terminating that connection/account,
> sometimes without warning (as you agreed in the acceptance of their
> T&Cs).
>
> --
>
> Regards,
>
> Hilton Travis                          Phone: +61 (0)7 3344 3889
> (Brisbane, Australia)                  Phone: +61 (0)419 792 394
> Manager, Quark IT                      http://www.quarkit.com.au
>          Quark AudioVisual             http://www.quarkav.net
>
> http://www.threatcode.com/ <-- its now time to shame poor coders
> into writing code that is acceptable for use on today's networks
>
> War doesn't determine who is right.  War determines who is left.
>
> This document and any attachments are for the intended recipient
>   only.  It may contain confidential, privileged or copyright
>      material which must not be disclosed or distributed.
>
>                     Quark Group Pty. Ltd.
>       T/A Quark Automation, Quark AudioVisual, Quark IT
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>
Why not setup a vpn tunnel between the two and forward mail through the
tunnel.