Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » Traffic Policy rule for KWF & Exchange Mail Server?
  •  
max79

Messages: 2
Karma: 0
Send a private message to this user
Please help me to solve the problem - Cant recieve any mail on mail-server running on lan.

This rule dont work:

source: Internet (external registered IP)
Dest: Firewall
Service: SMTP
Action: Permit
Translation: MAP 192.168.0.1:25 (IP of mail server on LAN)

  •  
LordGraj

Messages: 39
Karma: 0
Send a private message to this user
Try this rule
source: Internet (external registered IP)
Dest: Firewall
Service: SMTP
Action: Permit
Translation: MAP 192.168.0.1 (IP of mail server on LAN)

Without port Mapping
  •  
max79

Messages: 2
Karma: 0
Send a private message to this user
LordGraj wrote on Mon, 23 May 2005 14:37

Try this rule
source: Internet (external registered IP)
Dest: Firewall
Service: SMTP
Action: Permit
Translation: MAP 192.168.0.1 (IP of mail server on LAN)

Without port Mapping


it's not working Sad
  •  
feite

Messages: 523
Karma: 0
Send a private message to this user
Rule to allow access from internet to a mailserver in LAN
name: Mail service
source: internet (network connected to interface ...)
dest: firewall
service: SMTP
action: allow
log: none
translation: MAP, translate to ip address of mailserver (internal address)
protocol inspector: default

In the sample of LordGraj the source is not correct. Its not the external ip address. The source is the whole internet. Replace the source with: network connected to interface <internet>. Use port mapping only if needed.
  •  
tekhead

Messages: 4
Karma: 0
Send a private message to this user
someone is seriously misinformed I just tried exactly what was put here and no effect nor any mail.

this is what i have
xp pro (gateway)
win2k3 sbs running all serivces exchange, http, ftp, (server)
since kerio was set up no mail what so ever even spent 4 days trying to find the answer on here as this is the closest still nothing. maybe I should just find another solution to purpose to the board of Dir
  •  
Pavel Dobry (Kerio)

Messages: 5245
Karma: 251
Send a private message to this user
Did you try to see what is logged to the debug log for SMTP protocol inspector? Did you try to disable SMTP protocol inspector?

These two steps are basic for troubleshooting SMTP problems.

Also make sure that email delivery to your server (MX records) is configured properly.
  •  
tekhead

Messages: 4
Karma: 0
Send a private message to this user
I shall try and let you know
  •  
tekhead

Messages: 4
Karma: 0
Send a private message to this user
ok I've tried with the prot inspedtor, w/out it
currently the wizzard created the following connections i even tried adding a service that required ports 1700-1760 and tcp 1799
with out the isnooker services added it does not work at all
after they have been added it works fine. with default services


source dest. service prot translation
internet=> firewall smtp none default mail server.

firewall => internet dns default none
smtp
pop3
isnooker
isnooker logon

Local lan => internet dns default typical setting
smtp
pop3
isnooker
isnooker logon

primary mail server has the following dns records
mail.server mx 10
gateway. mx 20

pri dns 127.0.0.1
sec dns gatewayip(internal)


gateway has

pri my pri server addy.
sec 127.0.0.1


maybe i'm missing something but when i disable the kwf mail services work fine. so everything points to the kwf which must be blocking my mail services .

if you have any more questions . I really appreaciate the help. from what i have seen kwf has a great interface. I essentally have 3 weeks left to get this operational and tested. so all help is welcome to get this project off the ground and working


here's one for the books and being that i'm not sure but i believe that the default prot inspector was the culprit.

well after some getting down to basics
here were the result for the others that are looking for the same solution.

here goes.

after trying the above i decided to try a reconfig of the Inet services on my win 2k3 sbs server.

went to connect to the internet under system management.
reran the wizard.
went to my kwf box running win xp pro
set
source dest prot inspect
Local lan => internet none (was set to default)
firewall => internet none (was set to default)
internet=> firewall smtp

restarted both machines

logged into my hotmail and my yahoo mail accounts and sent a test email to myself
also i opened outlook and sent a test email to both my yahoo and hotmail accounts
all three accounts recieved emails and now everything seems to be working fine.
woo hoo. 4 day of my life havent been wasted after all.

if anyone wants more info just post a message because i had a really hard time trying to find information on connecting my exchange server to the gateway

I really think that because windows 2003 server and ms exchange are such common configurations that there should either be a walk through to connect it or a wizzard with very detailed instructions.

[Updated on: Thu, 11 October 2007 06:58]

  •  
tekhead

Messages: 4
Karma: 0
Send a private message to this user
oh and when i look at the connection logs there are over 150 connections for smtp servers trying to connect.
Previous Topic: 2 interfaces NAT, different LANs
Next Topic: Traffic Quota Exceeded Page
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Sat Nov 18 15:11:58 CET 2017

Total time taken to generate the page: 0.00484 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.