[ previous ] [ next ] [ threads ]
 
 From:  "Simon Buob" <simon dot buob at lan dot ch>
 To:  "Simon Buob" <simon dot buob at lan dot ch>
 Cc:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  AW: [m0n0wall] Exchange Behind M0n0wall
 Date:  Thu, 4 May 2006 19:17:29 +0200
I have some little more important Infos:
 
 
If i connect from the LAN to the Exchange Server in the DMZ over the internal IP (10.1.2.3) i can
connect, but if i try to connect over a public IP, which is forwarded to the Server i het e timeout
but i see in the Firewall log that the request was forwarded to the Server but no answer :(
 
Simon


________________________________

Von: Simon Buob [mailto:simon dot buob at lan dot ch]
Gesendet: Do 04.05.2006 18:00
An: David Bottrill; m0n0wall at lists dot m0n0 dot ch
Betreff: AW: [m0n0wall] Exchange Behind M0n0wall



Yeah i have this rule and i see in the logs that the connection is forwarded to the Server, but i
dont see any answer from the Server...

i had this box unchecked already.

Thanks for your answer

Simon

________________________________

Von: David Bottrill [mailto:david at bottrill dot org]
Gesendet: Do 04.05.2006 17:47
An: m0n0wall at lists dot m0n0 dot ch
Betreff: Re: [m0n0wall] Exchange Behind M0n0wall



On Thursday 04 May 2006 14:09, Simon Buob wrote:
> Hello Together
>
> Following Issue
>
> 192.168.0.35 WAN M0n0 <---> DMZ 10.1.2.1 <---> 10.1.2.3 Windows Server
>
> There is a MS Exchange Server Running.
>
> When i try to connect over telnet from within the 10.1.2.1/29 Subnet i
> can
> Open a SMTP Session without having any problems and see the Mailserver
> Envelope.
>
> But when i try to connect over the WAN Interface (in this case from
> 192.168.0.77) there is only a black DOS Box which disappear as soon as a
> key is
> pressed. Ayone any ideas? In the Logs i do not see anything..
By default M0n0 wont allow private networks on the WAN interface i.e.
192.168.x.x or 10.x.x.x as you are using 192.168.0.35 on your WAN interface
this will block the SNTP traffic. On the WAN configuration page on M0n0
un-check the box "Block private networks" it's at the bottom of the page.

You will then need to put in an inbound firewall rule to allow SMTP from the
WAN to the DMZ interface.

Hope that helps..

David

--
David Bottrill

david at bottrill dot org
www.bottrill.org
Registered Linux user number 330730
Internet Free World Dialup: 683864

---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch




---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch