#1 (permalink)
Untangler
Join Date: Aug 2008
Location: Teresina,Brazil - Lake Forest, Ca USA
Posts: 99
Hi everyone, I have my e-mail server sitting behind the UT router. Inside my LAN, Outlook doesn't work when I set it up with UT's public IP (WAN); it only works with UT's private IP (LAN).
P.S.: Outside my local network, Outlook works fine when I set it up with UT's public IP. Any ideas?

#2 (permalink)
Hi,
How does the firewall rule look? Do you have:
Source Interface: ANY
Destination Interface: Internal
Or:
Source Interface: External
Destination Interface: Internal?
If you have External to Internal, try with ANY instead. (As the client is coming from the inside.)
__________________
"Of all the things I've lost, I miss my mind the most" Untangle Reseller (Sweden) WebFooL@fakenews.se http://fakenews.se/

#5 (permalink)
Join Date: Apr 2008
Location: Phoenix, AZ
URLs submitted: 7
Posts: 9,951
Adjust your port forward rule to include the internal interface as well as external... then traffic can bounce off the external address and back in.
Or, if you prefer a more elegant approach... your mail server more than likely has a DNS name associated with it for easy access on the internet. If your network clients are using UT as their DNS server, you can create a host record within the dns service to resolve to the internal IP address. 6 of one, half dozen of the other. I prefer the latter, as it doesn't waste router resources on internal connections.
__________________
Intouch Technology Rob Sandling, BS:SWE, MCP Office: 480-272-9889 rob@intouchtechllc.com

#6 (permalink)
Untangler
Join Date: Aug 2008
Location: Teresina,Brazil - Lake Forest, Ca USA
Posts: 99
Again, thanks for the replies!
I tried marking both interfaces, external and internal, on the port forward... but it gives me a big problem: all the outgoing e-mail returns with the message "too many hops", cuz marking both interfaces creates a loop. I have my own public DNS server running on Windows 2003. A friend suggested creating 2 A records, one pointing to UT's public IP and the other pointing to UT's LAN IP. After flushing my DNS, it seems the problem is solved. Anyways, thanks my friends!

#7 (permalink)
Untangler
Join Date: Aug 2008
Location: Teresina,Brazil - Lake Forest, Ca USA
Posts: 99
Well, I guess I was wrong... two A records, ex: pop.mydomain.com.br pointing to a LAN IP and a WAN IP at the same time, obviously wouldn't work. Actually, it worked for a while, but users outside my network started getting Outlook errors, cuz my domain was resolving to a LAN IP. Now the solution... I turned on UT's DNS, set my domain and mail server on it and left my public DNS handling only one A record pointing to a public IP. That's it!
Thanks folks!

#8 (permalink)
Untangler
Join Date: Sep 2007
URLs submitted: 23
Posts: 66
You already have external DNS pointing to your external IPs, right? Whoever hosts your DNS on the OUTSIDE of your network.
Put the INTERNAL IP address records for your domain on your INTERNAL DNS servers for your LAN users. Leave the EXTERNAL IP address of your mail servers on the EXTERNAL DNS servers. Typically, people's domain controllers serve as their DNS servers in house. Most routers can also be set up to do this function, though, if you really need them to.

#9 (permalink)
Master Untangler
Join Date: May 2009
Location: Banja Luka, Bosnia and Herzegovina
URLs submitted: 3
Posts: 102
Could you please elaborate on that?
I too have a problem, with inside users able to send and receive mail using the internal LAN address of the mail server, where outside users can send and receive mail using the public static IP address. I don't want my users to have to change their settings every day.

#10 (permalink)
Untangler
Join Date: Sep 2007
URLs submitted: 23
Posts: 66
Say that your PUBLIC domain name is company.com, and your private is company.local.
Some mail servers respond only to the fully qualified domain name (FQDN) that the outside world uses (public), i.e. it may or may not work to send or receive mail using the "mail.company.local" address or the inside IP address in Outlook. Your mail server is set up to function as the public domain, not the private.
To fix this issue, best practice is to go to your INTERNAL DNS servers (MS Server 2003 and 2008 can do this, as well as some gateway routers if you don't yet have internal servers) and set up the company.com domain. Create the zone (AD integrated is what most people with a Microsoft environment use) and add an A record, and also an MX record, for your mail server (presumably mail.company.com) using the INSIDE IP ADDRESS.
Now, from one of your workstations, ping your mail server's OUTSIDE FQDN (i.e. mail.company.com). It should resolve to the private address (192.168.x.x, 172.16-32.x.x, 10.x.x.x), not the public address. Try to telnet [fqdn] 25 from a client using your public, and you should get a response from the mail server assuming that the DNS is set up. If you have the mail server in the DMZ, make sure that there are appropriate rules for all necessary traffic to pass (port 25, 143_imap, etc.).
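
A checker for the split-DNS setup discussed in posts #7 through #10, added here as an example and not part of the original posts: it classifies the A records each DNS view returns and flags the mixed-record setup that failed in post #7. The name mail.company.com, the sample addresses and the function names are constructed for illustration.

```python
import ipaddress

# RFC 1918 private ranges. ipaddress.is_private is deliberately not used:
# it also matches documentation and other special-purpose ranges.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_rfc1918(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)


def audit_view(view, a_records):
    """Return a list of findings for one DNS view.

    view      -- "internal" (what LAN clients see) or "external" (public DNS)
    a_records -- the A record addresses returned for the mail server's name
    """
    if view not in ("internal", "external"):
        raise ValueError("view must be 'internal' or 'external'")
    if not a_records:
        return ["no A records returned"]
    private = [a for a in a_records if is_rfc1918(a)]
    public = [a for a in a_records if not is_rfc1918(a)]
    findings = []
    if private and public:
        findings.append("mixed private and public A records, clients get "
                        "either answer: " + ", ".join(a_records))
    if view == "external" and private:
        findings.append("private address published in public DNS: "
                        + ", ".join(private))
    if view == "internal" and public:
        findings.append("LAN clients are sent to the public address: "
                        + ", ".join(public))
    return findings


# Constructed sample answers for a hypothetical mail.company.com.
SAMPLES = {
    "two A records on the public zone": ("external", ["192.168.1.10", "203.0.113.10"]),
    "split DNS, internal view": ("internal", ["192.168.1.10"]),
    "split DNS, external view": ("external", ["203.0.113.10"]),
    "no internal record yet": ("internal", ["203.0.113.10"]),
}

if __name__ == "__main__":
    for label, (view, addrs) in SAMPLES.items():
        print(label, "->", audit_view(view, addrs) or "OK")
```

Feed it the addresses returned by a lookup run from a LAN workstation ("internal") and from a host outside the network ("external"); an empty list means that view is consistent.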