[NTLUG:Discuss] Port forwarding with IPCop
Greg Edwards
greg at nas-inet.com
Fri Feb 27 14:10:31 CST 2004
Bobby Wrenn wrote:
> I am have trouble with my new DMZ setup.
>
>
> WORLD
> |
> Firewall machine with 3 NICs running IPCop Static IP
> |
> _____|_________
> | |
> Internal LAN |
> 192.168.1.0/24 Servers (Apache and Postfix)
> 192.168.2.0/24
>
> On the firewall I have the following set up for forwarding.
>
> TCP DEFAULT IP : 25(SMTP) > 192.168.2.2 : 25(SMTP)
> TCP DEFAULT IP : 110(POP3) > 192.168.2.2 : 110(POP3)
> TCP DEFAULT IP : 80(HTTP) > 192.168.2.2 : 80(HTTP)
>
> I think these are correct. However, I can't retrieve mail from Servers
> on Internal LAN. The error indicates "Connection refused".
>
> I'm sure I'm missing something simple. But it's been a few years since I
> have tried to mess with this. What am I missing?
>
> TIA
> Bobby
>
I would start by making sure your addresses resolve. When you run "host
mailserver" from a station inside what do you get back?
I run 2 DNS servers, one for outside and one for inside, to resolve the
problem of services shared on both sides of the firewall.
--
Greg Edwards
New Age Software, Inc. - http://www.nas-inet.com
Consulting Services - http://consult.nas-inet.com
More information about the Discuss
mailing list