Jason - I see there's not a lot of traffic on it.  Guess that doesn't bode 
well for using the community version of EFW...but I figure if I can get it 
working w/this, I should be able to get it working w/IPFire or another UTM/FW.  
Thanks for jumping in, I'll try and answer your question as I understand the 
technology.
 
- I have a public email domain I host at home.
- I use a 3rd-party service as my public MX record and have public DNS entries 
for it.
- Message sent to "mydomain.com" goes to the public MX, which relays it to the 
public IP address of my home cable provider's router here in my house.  The ISP 
blocks port 25 so I'm using an alternate port, say, 26.  My MX hosting service 
knows this and forwards email for my domain to my ISP public address on port 26.
- The EFW is a simple RED/GREEN dual-homed network config.  The RED interface 
has the private IP address of 192.168.10.1.  
- I enabled a "DMZ host" on the ISP router's interface and pointed it to the 
RED interface of the EFW.  So ALL traffic, good and evil, hits the EFW.
- The GREEN interface is on my home network.  GREEN IP is 172.16.10.1.
- My home mail server runs on IP address 172.16.10.26.  The SMTP service runs 
on TCP PORT 26 as well, not 25.
 
- I have a DNAT rule on the EFW as follows:
 
Incoming IP:  Uplink/ANY
Service:  TCP/26
Policy:  ALLOW (no IPS)
Translate to:  172.16.10.26:26
 
This works seamlessly w/the MS ISA server publishing rule, but it turns my mail 
server into a useless brick when I switch to the EFW, w/or w/out the IPS 
service running.
 
Thanks in advance for your suggestions!
 
Víctor
------------------------------------------------------------------------------
_______________________________________________
Efw-user mailing list
Efw-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/efw-user
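
Added example, not part of the original message: a small probe that separates "connection refused", "silent timeout", and "connected but no SMTP greeting" for each hop of the DNAT path described above. The addresses and port come from the post; the hop labels, function name, and the interpretation comments are assumptions for illustration.

```python
import socket

# Hops from the post. Probe the RED address from a host on the RED-side
# network and the mail server from a host on GREEN (labels are assumptions).
HOPS = [
    ("EFW RED interface (DNAT entry point)", "192.168.10.1", 26),
    ("mail server on GREEN (DNAT target)", "172.16.10.26", 26),
]


def probe_smtp(host, port, timeout=5.0):
    """Open one TCP connection, read the SMTP greeting, return (status, detail)."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.settimeout(timeout)
            banner = s.recv(512).decode("ascii", "replace").strip()
    except ConnectionRefusedError:
        # A reset came back: nothing is listening there, or a rule rejects it.
        return ("refused", "TCP reset received")
    except socket.timeout:
        # No answer at all: packets are dropped, or the replies are not
        # returning along the path the probe used.
        return ("timeout", "no reply within %.1fs" % timeout)
    except OSError as exc:
        return ("error", str(exc))
    if banner.startswith("220"):
        # 220 is the SMTP service-ready greeting: the whole path works.
        return ("ok", banner)
    return ("unexpected", banner or "connection closed without greeting")


if __name__ == "__main__":
    for label, host, port in HOPS:
        status, detail = probe_smtp(host, port)
        print("%-40s %s:%d -> %s: %s" % (label, host, port, status, detail))
```

If the GREEN probe returns "ok" while the RED probe returns "timeout" or "refused", the fault lies in the firewall path rather than in the mail server itself.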