/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! /* ALSO: Don't quote this header. It makes you look lame :-) */ Hi my name is Claudius Li, I'm a sysadmin for the Johns Hopkins University. I have a masquerading firewall and it seems to be mostly working. My one problem is that I have a mail server which I want to keep behind the firewall but I still want people to be able to send us mail. So I set up an alias on the outside interface of the firewall with the old ip address of the mail server (mailhost.domain.edu) And I'm using ipmasqadm portfw to forward the connections to the internal mailserver. I can't ping mailhost from outside the firewall, nmap shows no ports open, and I can't telnet mailhost.domain.edu 25 either (connection refused) But when I set up the firewall in a test configuration it almost works. I can ping it, smtp show up under nmap, and I can do telnet mailhost.domain.edu 25. As far as I can tell there the only differences between the test configuration and the real configuration are that the real configuration uses the AUI port instead of the 10base2 port (I've added xcver=1 to the /etc/modutils/options), and the ip addresses are different (to avoid ip conflicts while I was testing) Both the firewall and mailhost are running Debian Linux, the machine for the test setup is an NT box with the Merak Mail server on it. Can anyone help me with this or point me to somewhere where I can get help? I've read the ipchains, and ipmasqadm man pages, I've read the firewall, and the ipmasquerade how-to's, and I read all the FAQ and user-kernel on Juan Jose Ciarlante's web site. Gargoyls mini-howto seems to be a broken link though. Thank you in advance, Claudius Li _______________________________________________ Masq maillist - [EMAIL PROTECTED] Admin requests can be handled at http://www.indyramp.com/masq-list/ -- THIS INCLUDES UNSUBSCRIBING! or email to [EMAIL PROTECTED] PLEASE read the HOWTO and search the archives before posting. You can start your search at http://www.indyramp.com/masq/ Please keep general linux/unix/pc/internet questions off the list.
