On 5/2/06, Robert Mortimer <[EMAIL PROTECTED]> wrote:
I have a set of 6 public IP addresses.
I set up pfSense with an internal IP in the 10.0.0.x range and use an external IP.
All is good except I can not port forward to my mailserver or webserver.
I have been to the Firewall: NAT: Port Forward tab and set up the port forward (including the addition of the firewall rule).
In NAT I see the following:

IF   Proto  Ext. port range  NAT IP                            Int. port range  Description
WAN  TCP    80 (HTTP)        10.0.0.10 (ext.: 80.176.108.60)   25 (SMTP)        Mailserver
In Rules I see the following rule:

Proto  Source  Port  Destination  Port       Gateway  Description
TCP    *       *     10.0.0.10    25 (SMTP)  *        NAT Mail server
When I plug my PC into the ADSL hub and give it one of my static IP addresses I can ping my router's external IP but I can not telnet to port 25.
The same setup works with my old Linux smoothwall box (i.e. I can telnet to port 25).
I also want to add a rule to drop and log all outbound SMTP that does not originate from a machine in my mailservers group. I set up the group mailservers to include the requisite machines. I add the following rule to LAN:

TCP  ! MailServers  25 (SMTP)  *  *  *  Block in not mailserver

I reload the rules but still I can telnet out to my ISP's mailserver:
C:\Documents and Settings\rob>telnet post.demon.co.uk 25
220 anchor-post-33.mail.demon.net ESMTP Tue, 02 May 2006 15:33:21 +0000
quit
221 anchor-post-33.mail.demon.net closing connection
Connection to host lost.
C:\Documents and Settings\rob>
I am running Beta 3

Look in the filter logs and see what is blocking it. Click on the red
X to the left and it will tell you which rule triggered the block.
You can then use this information to see why it's not working.