Koozali.org: home of the SME Server

Obsolete Releases => SME Server 7.x => Topic started by: zymazyt on October 09, 2006, 01:26:59 PM

Title: behind nat 1:1 mail problem
Post by: zymazyt on October 09, 2006, 01:26:59 PM

Hi
I've been fighting with this for a while alone, but I can't figure the solution out.
My ISP offers me public IP address only by beeing behind 1:1 full NAT. Everything should work fine, but it doesn't.
Review:
I've got SME 7 set to server&router mode. ->works fine
I've got domain with MX record set on external server -> works fine
I can access POP3, POP3S, FTP, WWW through domain name and IP address from outside networks, and local one too.
I can't access SMTP from anywhere else than my private LAN, and ISP local network (inside NAT). It doesn't matter I try to connect via mail client to sent some mail nor throurg telnet on port 25. Connection always timeouts.

I think It is a problem with mail server configuration - it thinks that it's address is the WAN ip address of SME machine, while it should also be my public ip address. Unfortunately I can't find a place to set this.
This above is only my guess. If someone knows how to deal with problem pls answer. If some more test are needed ask for them. I'm desparated, and my boss is growing really angry:/

Title: behind nat 1:1 mail problem
Post by: mmccarn on October 09, 2006, 04:20:53 PM

To clarify, this is the image I get of your situation:

Test_Workstation
|
Internet
|
|
Public IP on ISP's router (a.b.c.d)
Private IP on ISP's router (192.168.y.1)
|
| 1-to-1 NAT: a.b.c.d -> 192.168.y.z
|
SME WAN - 192.168.y.z
SME LAN - 192.168.w.x
|
Local_workstation

- Local_workstation: everything works, including SMTP
- Test_Workstation: everything works *except* SMTP
- DNS MX records send email to a.b.c.d

=================================================
Things to check:

1. If the internet works for "Local_workstation" then you must have all of the IP information configuration set correctly (SME LAN, SME WAN).
2. Go to 'server-manager' and check 'E-mail' (under "Configuration").  Make sure that "E-mail retrieval mode"    is set to "Standard (SMTP)" (in the "Change e-mail reception settings" section).
3. Make sure that the SME WAN IP and SME LAN IP are on different sub-nets.  If you have them on the same sub-net with "local_workstation" using the private IP on the ISP's router as the gateway, then you want to switch your server from server-gateway mode to server-only mode

That's about it.  If all of the above matches your configuration I would assume that your ISP's "1-to-1 NAT" either isn't really 1-to-1 NAT, or that they are blocking in-bound traffic on port 25...  I would install "nmap" on "Test_Workstation" and scan the host at "a.b.c.d" to see what happens

There is no need to program the "a.b.c.d" WAN ip address into your SME server

Title: behind nat 1:1 mail problem
Post by: zymazyt on October 09, 2006, 04:47:08 PM

Hopefully after two months of uncertanity, problem is solved. My ISP's admin confessed that today he fixed masquarade setting on theirs router. And sudenly everything started to work.
Thx for reply, but as I thought everything was fine on my side