From owner-freebsd-net Mon Oct 15 17:51:45 2001 Delivered-To: freebsd-net@freebsd.org Received: from tomts10-srv.bellnexxia.net (tomts10.bellnexxia.net [209.226.175.54]) by hub.freebsd.org (Postfix) with ESMTP id 5CB4A37B409 for ; Mon, 15 Oct 2001 17:51:41 -0700 (PDT) Received: from xena.gsicomp.on.ca ([65.93.39.114]) by tomts10-srv.bellnexxia.net (InterMail vM.4.01.03.16 201-229-121-116-20010115) with ESMTP id <20011016005140.XSWL4321.tomts10-srv.bellnexxia.net@xena.gsicomp.on.ca>; Mon, 15 Oct 2001 20:51:40 -0400 Received: from hermes (hermes.gsicomp.on.ca [192.168.0.18]) by xena.gsicomp.on.ca (8.11.1/8.11.1) with SMTP id f9G0hIW15111; Mon, 15 Oct 2001 20:43:18 -0400 (EDT) (envelope-from matt@gsicomp.on.ca) Message-ID: <030701c155dc$e152f180$1200a8c0@gsicomp.on.ca> From: "Matthew Emmerton" To: "Graham Dunn" Cc: References: <01cc01c155d1$2547e8c0$1200a8c0@gsicomp.on.ca> <20011015200352.A29974@inscriber.com> Subject: Re: Strange situation with NAT and sendmail [ FIXED ] Date: Mon, 15 Oct 2001 20:52:49 -0400 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4807.1700 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4807.1700 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > On Mon, Oct 15, 2001 at 07:28:49PM -0400, Matthew Emmerton wrote: > > I've got two networks -- A (10.0.0.0/24) and B (192.168.0.0/24), both > > behind NAT gateways. > > > > The problem I'm having is that I cannot connect to the mail server on > > network A (10.0.0.2) from any machine behind the NAT gateway on network B. > > However, any system on network B can successfully ping the gateway of > > Network A, as well as connect to the two HTTP servers running on the same > > host as the mail server (10.0.0.2). The mail server is running, since I can > > connect to it from the NAT box on network A (via internal address) and via > > public port-forwarded address from the NAT box on network B. > > > > Why can't I connect to it from behind the network B's NAT gateway, when I > > can connect fine to other services running on the same machine? > > My first guess would be to see if you're really "unable" to connect to > sendmail. Check the configuration on sendmail to see if it's set up to > do reverse lookups. It may be trying to resolve the IP you're connecting > from. Try connecting and then let it sit until you see a time out (and > running tcpdump on the box you're trying tp connect from will tell you > if any packets are coming back). I forgot to mention, the mail server on network A is running on *cough* NT *cough*. It is in the process of being replaced by a FreeBSD system with sendmail, but not until the new year. I did a tcpdump on the NAT box on network A - it never records any incoming packets destined for port 25 whatsoever. However, it does record incoming packets for port 81 (the administration web server for the mail server.) Therein lies the answer. It would appear that the ISP providing me residential broadband has now started filtering outbound access to port 25 - you can only send via their mail server. This is why I can't connect to the mail server on the remote network, but everything else works fine. Sorry for the false alarm! -- Matt Emmerton To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message