> Hi Kristian,
> I can ping all above paths from an external location without error.
> On 3/16/06, Kristian Shaw <monowall at wealdclose dot co dot uk> wrote:
>> Can you ping www.mydomain.com from another connection to confirm that ICMP
>> is not being blocked on the remote network?
>> Blocking ICMP stops MTU Path Discovery from working properly which causes
>> all sorts of odd connectivity problems.
>> ----- Original Message -----
>> From: "Phil" <xphilz at gmail dot com>
>> To: <m0n0wall at lists dot m0n0 dot ch>
>> Sent: Wednesday, March 15, 2006 9:34 PM
>> Subject: [m0n0wall] Mail problems - need advice please
>> Hi guys,
>> I am having a problem where I can't get mail through my mail client or
>> through webmail which goes like this;
>> - Can get to www.mydomain.com
>> - *Can't* get to www.mydomain.com/webmail
>> - *Can't* ping mail.mydomain.com
>> - *Can't* tracert to mail.mydomain.com - Any tracert that I do will fail
>> outside the m0n0 which is strange. It gets about 6 hops in and then failes
>> 1-2 hops short of the destination.
>> - Can Telnet to mail.mydomain.com 25
>> I can get to all these locations from any other computer that is not
>> my m0n0wall. I can also perform all the tests to places like yahoo,
>> microsoft and other domains that I use with no problems.
>> It is a little strange as all this has been working for as long as I have
>> had the m0n0 which is about 2 years and only with the recent update has
>> this stopped working. I don't have any rules that would block mail or
>> anything else complex. My setup is straightforward and simple. It is as
>> - LAN - 192.168.1.1
>> - WAN - Dynamic from ISP - PPPoE
>> - DMZ - Static address from ISP - This is using 1:1 NAT.
>> The only inbound NAT\FW rules are for;
>> If Proto Ext. port range NAT IP Int.
>> port range Description
>> WAN TCP 25 (SMTP) DMZ IP (hidden) 25 (SMTP)
>> Allow SMTP to DMZ
>> WAN TCP 80 (HTTP) DMZ IP (hidden) 80
>> (HTTP) allow http to www server in DMZ
>> WAN TCP 3389 DMZ IP
>> (hidden) 3389 allow RDP to DMZ
>> WAN TCP 3390 LAN IP (hidden)
>> 3390 RDP - dev
>> WAN UDP 5060 LAN IP (hidden)
>> 5060 Allow SIP
>> WAN UDP 16382 - 20382 LAN IP (hidden) 16382 -
>> 20382 Allow RTP
create a rule allow icmp from WAN to WAN-IP of the m0n0wall and test it.
>> I have spent ages troubleshooting this with my ISP and Domain Registrar
>> there seems to be no problems there end. Also the fact that I can take my
>> machine anywhere outside of my network and get 100% functionality seems to
>> show its a localised problem.
>> I have tried doing snaps in the fw logs as I try to connect to mail, ping
>> and tracert and I can not see the traffic being blocked which is even more
>> I am stuck for ideas on how to troubleshoot this further and I am open to
>> suggestions to get this resolved. Please let me know what further info
>> be useful in troubleshooting this.
>> Thanks for any assistance in advance.
"let's make the backup tomorrow"