Koozali.org: home of the SME Server
Legacy Forums => General Discussion (Legacy) => Topic started by: mackayr on October 02, 2005, 10:52:55 AM
-
G'day,
I recently installed a D-Link 524 wireless router. I disabled DHCP on my SME and changed it to run on Server only mode. Everything is working fine now except local email and remote SSH. When I try to check my SME local email I get a message ("The server name you entered could not be found on the network ....").
Also, though I can't seem to access SSH remotely any longer. I have port 22 forwarded to SME port 22. Since the request now will be coming through the router, do I have to tell SME server that? Do I have to open TCP and UDP or just TCP?
Thanks!
-
Hi,
Well since you are using the DHCP from the router, your dns server you are using is probly that of the ISP.
Your ISP does not know the name of your internal server.
You should be able to access it using the ip address of the server.
or turn off the dhcp on the router and use the dhcp on the SME.
-----
SSH should work fine just forwarding the port 22 to the SME. Double check everything.
Do everything by IP address first to exclude DNS problems.
edward
-
Edward,
Thanks for the response and yes you are correct. By changing to my ip address for email server, it worked fine. You are also correct with my SSH problem. I must have inadvertently (or perhaps on purpose) disabled remote SSH access in the Remote Access panel. I noticed that last night and changed it back. Voila! SSH today from remote location.
With regard to DHCP issue, is there any advantage to using SME? If I do use SME, will that also use SME proxy server? Lastly, is there any advantage to using SME as the gateway, or is the router just as secure? It's a D-Link DI-524.
Thanks for the info!
Rob
-
With regard to DHCP issue, is there any advantage to using SME?
You will be able to access your file server by name for one. May be faster if your ISP's dns server overloaded.
If I do use SME, will that also use SME proxy server?
Not if you still have the server in the "server only" mode. Besides there is a how to on disabling the proxy, if that is a problem.
Lastly, is there any advantage to using SME as the gateway, or is the router just as secure? It's a D-Link DI-524.
If you use the SME, you only have one box to worry about. I don't think it is any more or less secure.
-
If you use the SME, you only have one box to worry about. I don't think it is any more or less secure.
Yep. Adding a port forwarding router into the mix just adds complexity, with no additional security. You now have two boxes to manage and lose the benefits of automatic firewall configuration.
If a protocol is port forwarded through the router to the internal SME Server, you are just as vulnerable to attacks on that protocol as you would be if the SME Server provided the firewall.
The only advantage a port forwarding firewall might provide is extra denial of service protection on ports which are closed.
The Linux kernel will drop those packets very quickly in any case and your typical PC has far more ability to deal with these packets than the tiny processors and RAM in the home routers.