Date: Mon, 15 Oct 2001 20:52:49 -0400 From: "Matthew Emmerton" <matt@gsicomp.on.ca> To: "Graham Dunn" <gdunn@inscriber.com> Cc: <freebsd-net@FreeBSD.ORG> Subject: Re: Strange situation with NAT and sendmail [ FIXED ] Message-ID: <030701c155dc$e152f180$1200a8c0@gsicomp.on.ca> References: <01cc01c155d1$2547e8c0$1200a8c0@gsicomp.on.ca> <20011015200352.A29974@inscriber.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> On Mon, Oct 15, 2001 at 07:28:49PM -0400, Matthew Emmerton wrote: > > I've got two networks -- A (10.0.0.0/24) and B (192.168.0.0/24), both > > behind NAT gateways. > > > > The problem I'm having is that I cannot connect to the mail server on > > network A (10.0.0.2) from any machine behind the NAT gateway on network B. > > However, any system on network B can successfully ping the gateway of > > Network A, as well as connect to the two HTTP servers running on the same > > host as the mail server (10.0.0.2). The mail server is running, since I can > > connect to it from the NAT box on network A (via internal address) and via > > public port-forwarded address from the NAT box on network B. > > > > Why can't I connect to it from behind the network B's NAT gateway, when I > > can connect fine to other services running on the same machine? > > My first guess would be to see if you're really "unable" to connect to > sendmail. Check the configuration on sendmail to see if it's set up to > do reverse lookups. It may be trying to resolve the IP you're connecting > from. Try connecting and then let it sit until you see a time out (and > running tcpdump on the box you're trying tp connect from will tell you > if any packets are coming back). I forgot to mention, the mail server on network A is running on *cough* NT *cough*. It is in the process of being replaced by a FreeBSD system with sendmail, but not until the new year. I did a tcpdump on the NAT box on network A - it never records any incoming packets destined for port 25 whatsoever. However, it does record incoming packets for port 81 (the administration web server for the mail server.) Therein lies the answer. It would appear that the ISP providing me residential broadband has now started filtering outbound access to port 25 - you can only send via their mail server. This is why I can't connect to the mail server on the remote network, but everything else works fine. Sorry for the false alarm! -- Matt Emmerton To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?030701c155dc$e152f180$1200a8c0>