help with port forwarding in ipcop

A

atomiser

Gawd
Joined
Jun 12, 2004
Messages
619
here's the network layout:



the domain, dns and mx are all setup correctly. if i send an email from my gmail account to a valid email address on the domain i see the incoming traffic hit the firewall rule on the dg834g. i am, however, having some problems setting up the port forward on the ipcop box.

i thought the source port would need to be any, but ipcop won't let you do this. i'm sure i had this working yesterday using (on the ipcop box) source port 25, destination port 25 and destination ip address 172.16.0.2 but i turned everything off last night, restored it this morning and now it doesn't work.

i've tried deleting and recreating the port forward but that doesn't seem to have made any difference.

has anyone come up against this problem before, any suggestions for a resolution?

thanks!
 
Sorry for being a bit off topic here but, i would not recomend running a server AND a router in vmware on a laptop behind a home grade router using wireless lmao. You and i both know that this is really not very good for production nor for trying to learn either.

Also, have you tried setting the wan port of ipcop to be the DMZ server on your real router. This may help sort out your problem.
 
of course it's no good for production, but it's *perfect* for learning - they actually run fine on this setup, as there is no load on them. that said, these vm's are just being installed in preparation for a move of the environment to my new core 2 duo desktop system arriving next week, where i will be running a *lot* more machines concurrently.
 
Yeah i know its only for learning but i was just saying lol, i dont usually use vmware on laptops.

Try puttin ipcop onto ur netgear DMZ see what happens.
 
the laptop has a 7200rpm drive for the o/s and the vm's are running on a 7200rpm drive via an external usb enclosure - one of the reasons why they actually run at an acceptable level.

will give your suggestion a whirl but i dont believe the dg834 forwarding the traffic via the firewall rule is the issue because i see the incoming packet in the logs.
 
Have a trie, ive had a few problems in tha past with netgears about port forwarding and the likes.

Also, does ipcop have all of that smtp security and stuf in it, maybe that is set up wrong.

Im not sure if ipcop does have the smtp filtering installed by default though.

Have a sift through your configs for anything that may be abe to block things getting past the firewall.
 
Another suggestion i have is that its not the ipcop making the problems, its probably exchange or whatever mail server your using.

I presume your using exchange, make sure u have all of your internet smtp connectors set up, allow mail to be relayed between domains etc...

go to you exchnage system manager and have a look round.
 
just booting everything up again to try it.

the ipcop is just a plain vanilla install, no mods or add-ons.
 
tried the dmz suggestion, still no joy. tried forwarding all inbound services to the ipcop box, still seeing lots of stuff hitting the dg834g, but still nothing showing up on the ipcop box. i may try a different ip address on the external ip address of the ipcop box, see if that mends it. alternatively i think i may try a different firewall distro.
 
ok, so i've tried something else... i've disabled the dhcp server on the dg834g, used the 'change ip address' and 'connect to the internet' wizards on the sbs server to change everything over to the 192.168.0.0/24 network, and then changed the vm instances to use vmnet0 (bridge). i've now set the dg834g to forward 25 directly to the server which is now on the local lan. clients can still login to the domain and get out to the internet etc, but incoming mail *still* isn't working. i can *still* see the incoming mail packet hitting the firewall rule. i've also tried making the server ip address the 'default dmz host' with no success, and also modifying the port forward rule to 'any' instead of smtp. still no joy. i'm pulling my hair out with this one - and advice?! thanks!
 
i've a horrible feeling it has something to do with eset and the level of protection it is providing to the local pc...and therefore all the vmnet adaptors too...why is it that i only come up with these ideas once i've deleted all the vm's in preparation for a fresh install...grrr! will post back if this works after a re-install!
 
yep, after all the buggering about (incl deleting and completely recreating it from scratch) it was eset that was causing the problem! thanks for everyones suggestions of things to try.
 
You must log in or register to reply here.
Back
Top