I have created this fw rule to allow ICMP and tested this externally pinging
my WAN interface which works.
This has not helped however for the original problem.
Thank you for the suggestion.
Any other ideas? =))
On 3/16/06, Christoph Hanle <christoph dot hanle at leinpfad dot de> wrote:
> Phil schrieb:
> > Hi Kristian,
> > I can ping all above paths from an external location without error.
> > Cheers,
> > Phil.
> > On 3/16/06, Kristian Shaw <monowall at wealdclose dot co dot uk> wrote:
> >> Hello,
> >> Can you ping www.mydomain.com from another connection to confirm that
> >> is not being blocked on the remote network?
> >> Blocking ICMP stops MTU Path Discovery from working properly which
> >> all sorts of odd connectivity problems.
> >> Kris.
> >> ----- Original Message -----
> >> From: "Phil" <xphilz at gmail dot com>
> >> To: <m0n0wall at lists dot m0n0 dot ch>
> >> Sent: Wednesday, March 15, 2006 9:34 PM
> >> Subject: [m0n0wall] Mail problems - need advice please
> >> Hi guys,
> >> I am having a problem where I can't get mail through my mail client or
> >> through webmail which goes like this;
> >> - Can get to www.mydomain.com
> >> - *Can't* get to www.mydomain.com/webmail
> >> - *Can't* ping mail.mydomain.com
> >> - *Can't* tracert to mail.mydomain.com - Any tracert that I do will
> >> outside the m0n0 which is strange. It gets about 6 hops in and then
> >> 1-2 hops short of the destination.
> >> - Can Telnet to mail.mydomain.com 25
> >> I can get to all these locations from any other computer that is not
> >> behind
> >> my m0n0wall. I can also perform all the tests to places like yahoo,
> >> google,
> >> microsoft and other domains that I use with no problems.
> >> It is a little strange as all this has been working for as long as I
> >> had the m0n0 which is about 2 years and only with the recent update has
> >> all
> >> this stopped working. I don't have any rules that would block mail or
> >> anything else complex. My setup is straightforward and simple. It is as
> >> follows;
> >> - LAN - 192.168.1.1
> >> - WAN - Dynamic from ISP - PPPoE
> >> - DMZ - Static address from ISP - This is using 1:1 NAT.
> >> The only inbound NAT\FW rules are for;
> >> If Proto Ext. port range NAT
> IP Int.
> >> port range Description
> >> WAN TCP 25 (SMTP) DMZ IP (hidden) 25 (SMTP)
> >> Allow SMTP to DMZ
> >> WAN TCP 80 (HTTP) DMZ IP (hidden) 80
> >> (HTTP) allow http to www server in DMZ
> >> WAN TCP 3389 DMZ IP
> >> (hidden) 3389 allow RDP to DMZ
> >> WAN TCP 3390 LAN IP (hidden)
> >> 3390 RDP - dev
> >> WAN UDP 5060 LAN IP (hidden)
> >> 5060 Allow SIP
> >> WAN UDP 16382 - 20382 LAN IP (hidden) 16382 -
> >> 20382 Allow RTP
> create a rule allow icmp from WAN to WAN-IP of the m0n0wall and test it.
> >> I have spent ages troubleshooting this with my ISP and Domain Registrar
> >> and
> >> there seems to be no problems there end. Also the fact that I can take
> >> machine anywhere outside of my network and get 100% functionality seems
> >> show its a localised problem.
> >> I have tried doing snaps in the fw logs as I try to connect to mail,
> >> and tracert and I can not see the traffic being blocked which is even
> >> confusing.
> >> I am stuck for ideas on how to troubleshoot this further and I am open
> >> suggestions to get this resolved. Please let me know what further info
> >> would
> >> be useful in troubleshooting this.
> >> Thanks for any assistance in advance.
> >> Cheers,
> >> Phil.
> last words:
> "let's make the backup tomorrow"
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch