At 01:44 PM 2/4/03 -0800, Chris Low wrote:
Thanks to Steve the weblet is now running. I had 10.10.10.0/255.255.255.0 added in the hosts.allow files, but didn't realize I also had to add 10.10.10./255.255.255.0 as well.If your overall LAN setup is simple enough, this will work. Since this approach "double NATs" all the traffic (first by the LEAF router; second by the ISP someplace), there is always some risk that something you implement will run into a rare problem. Worry most about things that you are port forwarding (not mail; that should work just fine) ... particularly the traditional "problem services" (ftp, irc, a few others) and the p2p services.
(a) port forward traffic to port 25 on the LEAF router to the 10.10.10.x mail serverI'm not sure if it's NAT or routed. Assuming it's NATed, and it is already setup to go from the ISP's router to 192.168.1.2, couldn't I use that address for eth0 on the firewall, and setup portforwarding to send it to the static IP of the mail server behind the firewall? This seems the simplest way to me since it only requires me to make a few changes to Dachstein and not have to have our ISP change anything at all.
(b) have the ISP router port forward port 25 to the LEAF router's "external" address.
(I'm assuming here that the ISP router NATs 192.168.1.0/24, something you haven't actually said. It is possible that the ISP actually routes to 192.168.1.0/24 rather than NATs it, and that some address translation takes place upstream of you. In that case, everything is different, and you haven't told us enough details to get good advice.)
While this approach should work, it is clumsy.
--
-------------------------------------------"Never tell me the odds!"--------
Ray Olszewski -- Han Solo
Palo Alto, California, USA [EMAIL PROTECTED]
-------------------------------------------------------------------------------
-------------------------------------------------------
This SF.NET email is sponsored by:
SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See!
http://www.vasoftware.com
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
