Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » Help with "Connection to mydomain.com failed/refused by server"
  •  
Wazomba

Messages: 9
Karma: 0
Send a private message to this user
Hi all, my pb is similar to many others but I cannot understand why my traffic rules don't work !! Mad
So I post one more time :
(Sorry for the long post, I want to give max overview for the too much time I spent searchin for solution Confused )

I aim to publish an intenal webserver through KWF. (that seems easy, huh ?).
The domain name to be used has been registered to a public DNS like this (And DNS lookups tells it works fine):
myweb.mydomain.com --> 196.201.85.y (Public IP)
===============================
My config :
===============================
|
| z.z.z.z (ISP private IPs)
ISP
| 192.168.10.y
|
| 192.168.10.x
ISP ROUTER
| 196.201.85.x (KFW Gateway IP)
|
| 196.201.85.y (Public IP)
KFW SERVER 6.1
| 10.10.10.x (LAN IP = LAN Gateway IP)
|
|
LAN IIS/MAIL WEBSERVER
| 10.10.10.y
|
===============================
I also have this traffic rule setup :
===============================
name: WEB PUBLISHING
source: WAN
dest: FIREWALL
service: http, https
Action : Permit
translation: MAP to IP 10.10.10.y (Internal Webserver IP)
Valid on : Always
Inspector : Default
===============================
My problem is :
===============================
- All LAN computers can browse the web and send/receive mails
- No LAN computers can browse the Internal LAN IIS/MAIL WEBSERVER using its domain name (http://myweb.mydomain.com). KFW says "Connection to myweb.mydomain.com failed/refused by server)
- External computers cannot reach the internal webserver
- All computers can reach "myweb.mydomain.com" ONLY when I install it on the KFW machine as an IIS web server (That shows my DNS registration works fine).

Can anyone help ? Sorry again for this long post but i MUST solve this pb.
  •  
Petr Dobry (Kerio)

Messages: 782
Karma: 61
Send a private message to this user
Wazomba wrote on Tue, 30 August 2005 18:15


- No LAN computers can browse the Internal LAN IIS/MAIL WEBSERVER using its domain name (http://myweb.mydomain.com). KFW says "Connection to myweb.mydomain.com failed/refused by server)



That's correct behavior. Traffic rule you mentioned above doesn't permit this traffic. And also you should read this Knowledge Base article about it: http://support.kerio.com/kb/151
Quote:


- External computers cannot reach the internal webserver



This is wierd. Check if you have set default gateway on your LAN IIS/Mailserver.

Petr Dobry
Product Development Manager | Kerio
  •  
Wazomba

Messages: 9
Karma: 0
Send a private message to this user
Thks very much. The webserver is reacheable from everywhere (LAN or WAN Users). I edited the host file.

But i have newer question: How can I publish other internal webservers ? (have added another webserver to the figure below).

I tried to add entries in the hosts file but EXTERNAL browsers display the same site whatever domain we give them (web1.domain.com or web2.domain.com).
Internal browsers are OK and display each site correctly.

Notice: As told in the link you provided, so rules do not work in my case ? (I disabled them and everything is working fine instead)
===============================
My config :
===============================
|
| z.z.z.z (ISP private IPs)
ISP
| 192.168.10.y
|
| 192.168.10.x
ISP ROUTER
| 196.201.85.x (KFW Gateway IP)
|
| 196.201.85.y (Public IP)
KFW SERVER 6.1
| 10.10.10.x (LAN IP = LAN Gateway IP)
|
|
LAN IIS/MAIL WEBSERVER --- ANOTHER LAN WEBSERVER
| 10.10.10.y (10.10.10.w:SpecialPort)

  •  
niloshima

Messages: 10
Karma: 0
Send a private message to this user
hi

My web server can access by from the inernet. But still can not access from my LAN. I just put the Special NAT rule. But still get the Mad

I do not want to use the host file thing. Insted of like to use the
Special NAT rule.

Connection to server www.server.com failed (Connection actively refused by the server

Please help
Previous Topic: WinRoute VS HSBC (Bank of Hogk Kong)
Next Topic: hlep my plz!
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Sat Nov 18 04:05:41 CET 2017

Total time taken to generate the page: 0.00461 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.