At 04:28 PM 2/10/03 -0800, Doug Sampson wrote:
Ray,

> But with all of that, I cannot connect (using telnet) to your mail server
> from here (though I can ping you and connect to the Web server).

You couldn't- all attempts to port 23 are blocked.

Of course they are. But I was attempting to telnet to port 25, a standard way to check for the presence of an SMTP server. Sorry I was not more explicit.

> So ... how thoroughly have you checked the Exchange server for
> configuration problems? Is the Dachstein router its default gateway (and
> not the proxy server at 216.70.236.235)? Does Exchange do any
> authentication (such as auth) of a sort that might work with the proxy
> server but not an ordinary port-forwarding router? I hesitate to go down
> this road very far, since I suspect you know more about Windows sysadmin
> issues than I do, but I would encourage you to spend some time thinking
> about possible problems with Exchange or the server it runs on.

No, I haven't configured the Exchange server for use with the Dachstein
router. I assumed that since the firewall had an internal address that the
Exchange server would accept connections from it. Currently Exchange is
configured to accept unauthenticated connections.

I think this is your problem. When a router does port forwarding, it does not Masquerade the source address. So the Exchange server sees the incoming connection as from aa.bb.cc.dd (a real, external address), not from the Bering router's internal address. It replies to that real address, so the reply packet follows the host's routing table, making it look (to the outside) as though it were coming from the proxy server (or whatever its default gateway is). Since that is the wrong IP address, the SMTP connection does not complete.

So at least for a test, tell the Exchange server that the Dachstein router is its default gateway, and see if that changes your results. You may also need to tell it to reply to real (non-LAN) IP addresses ... I couldn't tell from what you wrote if it will ... but if it previously worked only via a proxy server, it might not be set to accept off-LAN connections.

I may have the details wrong here, because I really don't know how you have your Exchange server set up (or, really, even what the possibilities are). But I do believe that this is the general location of your problem, in a misconfiguration of the Exchange server's access to the Internet.

> Is the Dachstein router replacing a prior router of some sort? Or is this a
> new connection (that is, did everything previously use the proxy server at
> 216.70.236.235)?

No, Dachstein isn't replacing anything that used to exist at that address. I
am still running a Proxy Server 2.0 at that address and it shows port 25 and
80 being open. Running a port scanner from outside the network against the
Dachstein router shows only port 80 (and 22) as being open. You can try
scanning against 216.70.236.236 (Dachstein) and see for yourself. Try the
same scan against 216.70.236.235 (the Proxy Server) and you will notice that
ports 25 and 80 are open.

All evidence points to the Dachstein router. Ray, I understand what you're
saying about the firewall being correctly configured- it does seem like it
is. But the port scanner isn't reporting port 25 as being open.

I disagree. I see that same evidence as pointing to a misconfiguration of the Exchange server.


--
-------------------------------------------"Never tell me the odds!"--------
Ray Olszewski -- Han Solo
Palo Alto, California, USA [EMAIL PROTECTED]
-------------------------------------------------------------------------------



leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
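
The return-path problem described in the reply above, as an added example that is not part of the original message: a toy Python model of a port-forwarded SMTP connection whose reply leaves through either the forwarding router or a different default gateway. The two public addresses are the ones quoted in the thread; the client address, the LAN server address and the names `Gateway` and `smtp_handshake` are constructed for illustration.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

class Gateway:
    """NAT box with one public address and a connection-tracking table."""
    def __init__(self, public_ip):
        self.public_ip = public_ip
        self.conntrack = {}  # (client, cport, server, sport) -> original dst

    def forward_in(self, pkt, server_ip):
        # Port forward (DNAT): only the destination is rewritten, so the
        # server still sees the real external client as the source.
        self.conntrack[(pkt.src, pkt.sport, server_ip, pkt.dport)] = pkt.dst
        return replace(pkt, dst=server_ip)

    def route_out(self, pkt):
        # Reply leaving the LAN: undo the DNAT if this gateway tracked the
        # flow; otherwise it looks like a new outbound flow and is
        # masqueraded behind this gateway's own public address.
        key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        return replace(pkt, src=self.conntrack.get(key, self.public_ip))

def smtp_handshake(client_ip, router, server_ip, server_default_gw):
    """Return (source seen by server, source seen by client, accepted?)."""
    syn = Packet(client_ip, 40000, router.public_ip, 25)
    at_server = router.forward_in(syn, server_ip)
    # The server answers the address it saw, via its own routing table.
    syn_ack = Packet(at_server.dst, at_server.dport,
                     at_server.src, at_server.sport)
    on_wire = server_default_gw.route_out(syn_ack)
    # The client's TCP stack only accepts a SYN-ACK from the address it dialed.
    accepted = (on_wire.src, on_wire.sport) == (syn.dst, syn.dport)
    return at_server.src, on_wire.src, accepted

if __name__ == "__main__":
    CLIENT, SERVER = "203.0.113.10", "192.168.1.10"  # constructed addresses
    for gw_name in ("proxy", "router"):
        router = Gateway("216.70.236.236")   # Dachstein, from the thread
        proxy = Gateway("216.70.236.235")    # Proxy Server, from the thread
        gw = proxy if gw_name == "proxy" else router
        print(gw_name, smtp_handshake(CLIENT, router, SERVER, gw))
```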
