Well if I ping from the server or anywhere else on the network it resolves to the internal IP of the host machine. If I ping from outside the network it is, of course, going to return the public ip which is mapped thru to the same internal IP. There's no way to return the same IP from outside the network. That's the basic function of a firewall. So then what roll does the NAT Gateway Host play. If it is the external IP then it is likewise unreachable by the host server. If it is an instruction to the program that data coming from that IP is acceptable then I cannot get it to make a difference. Is it necessary to restart the server or reboot the whole machine after changing these settings??? It doesn't matter what I put in there the response if the program is the same. That response is: If I initiate a conversation from within the network to a client outside the network everything is fine. But if a client outside the network initiates a conversation then a client inside the network will see their traffic but cannot respond. Also, the external client does not see their traffic echoed in their window. Now when two clients outside the network try to communicate it gets really interesting. Each must initiate a conversation to the other. Client 1 will have to talk to client 2 via the connection it established and client 2 will have to respond over the conversation it established. So you must read from one window and talk in the other.
Anybody got any thoughts on this?? James -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Herschel Jones Sent: Tuesday, February 11, 2003 4:14 PM To: [EMAIL PROTECTED] Subject: [IpswitchIM_Forum] NAT Problems and Solutions After reading the several posts regarding the difficulties setting IM server up in a network that is behind a firewall performing NAT. I figured I'd drop a bit of information out here and hopefully clear things up. There are a few very important things to remember. First and foremost, the NAT gateway host, for best results, should be the external IP of the NAT device (ie. whatever your domain name resolves to from outside the network). Secondly, you MUST be forwarding all traffic for TCP port 5177 to the machine running IM Server. Another important piece of information is that the host name and domain name of the server (found in TCP/IP properties) CAN NOT be the same as the host name and domain of the NAT device. When you are creating user accounts for IM, the user account must reflect the public host name, example: the domain name of the server is IM.Domain.com, then users will have to log on as [EMAIL PROTECTED] to successfully authenticate. The final thing coming to mind is that for all users inside and outside to communicate successfully, there are 3 places to ping from...outside the network, inside the network, and from the server itself. You will need to ping the host name that the users are logging onto (IM.domain.com), and from all three of these places, that hostname must resolve to the same IP address. Keep in mind also, that if your clients are also behind a firewall, they will need to enable client uses NAT on their local machine. This can be found in the registry at HKEY_CURRENT_USER\Software\Ipswitch\Messenger\Version 1.0\Settings. You will see a value "client uses nat" and will need to change that integer to 1. Should this be a tad unclear (I tend to get that way from time to time), in the help for server manager, search for NAT and it will give detailed instructions with screenshots that may be a bit more helpful. If all the above is correct, there are very few instances that clients inside the network will not be able to chat with clients outside the network. Should there be any other questions, you can always go to http://askatech.ipswitch.com and fill out the support form. Please be as detailed as possible when sending your support request. We are here to help you as much as possible, so don't hesitate to drop support a line. -HJ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/ipswitchim_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/Instant_Messenger/index.asp To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/ipswitchim_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/Instant_Messenger/index.asp
