[ale] routing port forwarding issues - help!
Dow Hurst
dhurst at kennesaw.edu
Thu Jul 11 18:51:07 EDT 2002
Do you push a template config file to all the qmail servers to ease your
admin? Are other services available to test on the qmail servers? I
wonder if you can see if more than port 25 is blocked on the qmail
servers? What does your ARP table on the qmail server show after
pinging the local firewall? Is ipchains or iptables running on the
qmail servers? How are you getting to the qmail servers? Use SSH
directly from your local workstation to the qmail server directly or are
you forced to go roundabout thru a server local to the qmail server?
Dow
Gary MacKay wrote:
> A traceroute will die before it gets to the desired machine.
> Traceroute dies at the same IP addr from each machine that I tried it
> from.
>
> New info: I found that I can telnet to port 25 just fine from the
> firewalls of each lan. As I mentioned below, one is a Netopia R910
> router, one is an OpenBSD box running ipf, and one is a Linksys
> router/hub unit. In each case, I can telnet just fine from the
> firewall, but not from the qmail server behind it. I can also telnet
> just fine from any _other_ machine, windows and linux, behind the
> firewall. Just not from the qmail box which is involved in the port
> forwarding rules from the firewall.
>
> What could port forwarding have to do with it? That seems to be the
> only common thing so far.
>
> - Gary
>
>
>
>
> Dow Hurst wrote:
>
>> What is the result from a traceroute for these machines that don't
>> respond to a telnet to port 25? Do you know whether the other
>> machines that you can get to on these LANs will respond to a port 25
>> telnet?
>> Dow
>>
>>
>> Gary MacKay wrote:
>>
>>> I have several email servers running qmail at various clients and
>>> can not send messages to certain domains. Most email works just
>>> fine, but I am seeing a growing number of domains that I can not
>>> send to.
>>>
>>> I do not think my problems are related to qmail tho. I think it is
>>> more of a routing, firewall, etc. type issue. Reason is I can not
>>> even telnet to the IP addr on port 25 of the domains that are
>>> failing. I'm not sure how the firewall fits into the picture either
>>> since they are different at each site (ie. Netopia, Linksys, and
>>> OpenBSD). Obviously they are all doing NAT and port forwarding
>>> to/from the email server inside. Very typical/standard setup I'm sure.
>>>
>>> At first I thought it had to do with the ISP, since all of the ones
>>> with problems, use the same ISP. That is the only common factor I
>>> could find. Then I discovered yesterday that I could telnet just
>>> fine from other machines on the network, just not the email server.
>>> Windows, Linux, etc,. Did not matter. Very weird. I checked this at
>>> the other client sites, and sure enough, it works from any machine
>>> other than the mail server. What am I missing here?
>>>
>>> TIA,
>>> - Gary
>>>
>>>
>>> ---
>>> This message has been sent through the ALE general discussion list.
>>> See http://www.ale.org/mailing-lists.shtml for more info. Problems
>>> should be sent to listmaster at ale dot org.
>>>
>>>
>>
>>
>> ---
>> This message has been sent through the ALE general discussion list.
>> See http://www.ale.org/mailing-lists.shtml for more info. Problems
>> should be sent to listmaster at ale dot org.
>>
>
>
>
---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be
sent to listmaster at ale dot org.
More information about the Ale
mailing list