Date:      Tue, 16 Oct 2001 03:39:18 +0200 (SAST)
From:      The Psychotic Viper <psyv@sec-it.net>
To:        Matthew Emmerton <matt@gsicomp.on.ca>
Cc:        <freebsd-net@FreeBSD.ORG>
Subject:   Re: Strange situation with NAT and sendmail
Message-ID:  <20011016032047.Q1152-100000@lucifer.fuzion.ath.cx>
In-Reply-To: <01cc01c155d1$2547e8c0$1200a8c0@gsicomp.on.ca>

Hi,

On Mon, 15 Oct 2001, Matthew Emmerton wrote:

> The problem I'm having is that I cannot connect to the mail server on
> network A (10.0.0.2) from any machine behind the NAT gateway on network B.
The mailserver is BEHIND the NAT box on network A? If so, does your NAT do
any form of forwarding? If it's no to the second one you would either need
to set up some forwarding rule, because you wouldn't have direct access
from an external network (public or private class) to a machine behind a
NAT gateway that is on a private network class.

> However, any system on network B can successfully ping the gateway of
> Network A, as well as connect to the two HTTP servers running on the same
> host as the mail server (10.0.0.2).  The mail server is running, since I can
> connect to it from the NAT box on network A (via internal address) and via
> public port-forwarded address from the NAT box on network B.
The reason you can ping the gateway of the other network is because NAT is
doing its job and translating your ping request to send to the external net
and back to sending the reply to you. So NAT is working and port-forwarding is
working fine, so safe to assume that's not the problem.

> Why can't I connect to it from behind the network B's NAT gateway, when I
> can connect fine to other services running on the same machine?
Question though... are you possibly trying to connect to say 192.168.0.10
(for example) directly from your 10.0.0.10 box?
For example :
user@10.0.0.10# ping 192.168.0.10?

If so, that wouldn't pass through your NAT system on to the outside
interface, due to the fact that unless set to route to the external device
it would try to find that IP address on your local network, which in this
case is 10.0.0.x (and no route is possibly set for 192.168.0.x at all, thus
sending the packets to effectively nowhere).

Hope you understood that. Now for a "workaround": set up a forwarding rule
on your network A system to forward to the system and port you want to
connect to (maybe 25 in this case?) and connect to the NAT box's IP and
that port; it should work the way you want, just on a different port.

If I am unclear on anything or you need help doing it, just mail me off list
and I am more than happy to help (would give me something to do to
prevent insomnia-aggravated boredom).

Seriously hope I helped,
PsyV
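
The routing and forwarding behaviour described in the message above, as an added example that is not part of the original e-mail: a small model of a host at 10.0.0.10 trying to reach a mail server behind a second NAT box. The public gateway address 203.0.113.1, the forwarded port 2525 and the local gateway 10.0.0.1 are constructed assumptions; the model treats any public destination as the remote gateway.

```python
import ipaddress

# Constructed addressing: the private hosts follow the reply's example; the
# public gateway address 203.0.113.1 and port 2525 are assumptions.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
ON_LINK = (ipaddress.ip_network("10.0.0.0/24"), "on-link")
DEFAULT = (ipaddress.ip_network("0.0.0.0/0"), "10.0.0.1")  # local NAT box

# Forwarding table on the remote NAT box: (public ip, port) -> (inside ip, port)
FORWARDS = {("203.0.113.1", 2525): ("192.168.0.10", 25)}


def next_hop(dst, routes):
    """Longest-prefix match; None when no route covers dst."""
    addr = ipaddress.ip_address(dst)
    hits = [(net.prefixlen, hop) for net, hop in routes if addr in net]
    return max(hits)[1] if hits else None


def connect(dst, port, routes, forwards=FORWARDS):
    """Trace a TCP connection attempt from 10.0.0.10 and report its fate."""
    hop = next_hop(dst, routes)
    if hop is None:
        return "no route to host"
    if hop == "on-link":
        return "looked up on local segment"
    # Packet left via the local NAT box; private destinations are not
    # routed across the public network between the two gateways.
    if any(ipaddress.ip_address(dst) in net for net in RFC1918):
        return "dropped: private destination beyond local gateway"
    target = forwards.get((dst, port))
    if target is None:
        return "reached remote gateway: no forwarding rule"
    return "forwarded to %s:%d" % target


if __name__ == "__main__":
    for dst, port, routes in [
        ("192.168.0.10", 25, [ON_LINK]),           # no route at all
        ("192.168.0.10", 25, [ON_LINK, DEFAULT]),  # private address, default route
        ("203.0.113.1", 25, [ON_LINK, DEFAULT]),   # gateway, port not forwarded
        ("203.0.113.1", 2525, [ON_LINK, DEFAULT]), # gateway, forwarded port
    ]:
        print(dst, port, "->", connect(dst, port, routes))
```

Only the last case reaches the mail server: the connection targets the remote NAT box's public address on a port that has a forwarding rule, which is the workaround the message suggests.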


