[ previous ] [ next ] [ threads ]
 
 From:  "Lee Sharp" <leesharp at hal dash pc dot org>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] DMZ woes
 Date:  Fri, 17 Mar 2006 11:49:49 -0600
From: "jan gestre" <m0n0wall dot list at gmail dot com>

> i isolated first the dmz from the network to be sure there is no problem
> with the setup i have in mind, then i followed everything you said up to 
> the
> last detail.

> 1. ip address of squirrelmail+postfix = 192.168.101.2
> 2. server NAT = 203.xxx.xxx.xxx
> 3. proxy ARP = 203.xxx.xxx.xxx
> 4. inbound NAT:
>    * external address = 203.xxx.xxx.xxx
>    * protocol = TCP
>    * external port = HTTP
>    * NAT ip = 192.168.2.2
>    * local port = HTTP
> 5. tick the boxes
> 6. then repeated the procedure for the SMTP port

> end result = i still can't browse the gui of my squirrelmail, i tried
> browsing the said page from an ip address outside my lan and i can see the
> login page of my mailserver. tried sending mail to the outside and i saw
> from the mail logs that it was sent, but when i tried to send mail to my
> mailserver, i wasn't able to recieved it, there's no entry in my
> mail.logsindicating the mail was rejected or accepted. i also checked
> the
> www.whatismyip.com, i got the ip of the monowall not the ip of the
> mailserver, is this result correct?
> what more do i have to do in order for my mailserver to accept mails from
> outside?
> why is it that i cant see the web interface from within?
> is there a special tweaking in order for the LAN to see it?

I am having a very difficult time following what you have set up.  Let's try 
more simply.  What are the interface addresses on m0n0wall?  Something like
WAN 131.107.0.15 (Microsoft...  Use the first 3 octets for your REAL IP 
address)
LAN 192.168.1.1
OPT1 192.168.2.1
Mailserver 192.168.2.10
Client machine 192.168.1.100
Inbound NAT 131.107.0.16 (or xxx.xxx.xxx.16)
1:1 NAT 131.107.0.17
Firewall Rules!!!!!!!!!!

                                    Lee