Community discussions

 
waluszek
just joined
Topic Author
Posts: 1
Joined: Mon Feb 03, 2014 12:12 am

port forwarding problem to mailserver zimbra

Sat Jul 08, 2017 11:36 pm

Hello all,
I have a problem with port forwarding to mail server, zimbra.
The server is behind nat, after redirecting single ports the mails do not reach the server.
But when I redirect the range 1-65535, it causes the mails to arrive correctly.

Does anyone have an idea what could be causing such a bug.
    

 7    chain=dstnat action=dst-nat to-addresses=11.11.11.212 to-ports=7143 protocol=tcp dst-address=81.219.x.x 
      dst-port=7143 log=no log-prefix="" 

 8    chain=dstnat action=dst-nat to-addresses=11.11.11.212 to-ports=7993 protocol=tcp dst-address=81.219.x.x 
      dst-port=7993 log=no log-prefix="" 

 9    chain=dstnat action=dst-nat to-addresses=11.11.11.212 to-ports=143 protocol=tcp dst-address=81.219.x.x  
      dst-port=143 log=no log-prefix="" 

10    chain=dstnat action=dst-nat to-addresses=11.11.11.212 to-ports=110 protocol=tcp dst-address=81.219.x.x  
      dst-port=110 log=no log-prefix="" 

11    chain=dstnat action=dst-nat to-addresses=11.11.11.212 to-ports=22 protocol=tcp dst-address=81.219.x.x 
      dst-port=8888 log=no log-prefix="" 

12    chain=dstnat action=dst-nat to-addresses=11.11.11.212 to-ports=7071 protocol=tcp dst-address=81.219.x.x 
      dst-port=7071 log=no log-prefix="" 

13    chain=dstnat action=dst-nat to-addresses=11.11.11.212 to-ports=465 protocol=tcp dst-address=81.219.x.x 
      dst-port=465 log=no log-prefix="" 

14    chain=dstnat action=dst-nat to-addresses=11.11.11.212 to-ports=9071 protocol=tcp dst-address=81.219.x.x  
      dst-port=9071 log=no log-prefix="" 

15    chain=dstnat action=dst-nat to-addresses=11.11.11.212 to-ports=3443 protocol=tcp dst-address=81.219.x.x 
      dst-port=3443 log=no log-prefix="" 

16    chain=dstnat action=dst-nat to-addresses=11.11.11.212 to-ports=995 protocol=tcp dst-address=81.219.x.x 
      dst-port=995 log=no log-prefix="" 

17    chain=dstnat action=dst-nat to-addresses=11.11.11.212 to-ports=993 protocol=tcp dst-address=81.219.x.x 
      dst-port=993 log=no log-prefix="" 

18    chain=dstnat action=dst-nat to-addresses=11.11.11.212 to-ports=10000 protocol=tcp dst-address=81.219.x.x 
      dst-port=10000 log=no log-prefix="" 

19    chain=dstnat action=dst-nat to-addresses=11.11.11.212 to-ports=587 protocol=tcp dst-address=81.219.x.x  
      dst-port=587 log=no log-prefix="" 

20    chain=dstnat action=dst-nat to-addresses=11.11.11.212 to-ports=25 protocol=tcp dst-address=81.219.x.x  dst-port=25 
      log=no log-prefix="" 

21    ;;; Dns redirect
      chain=dstnat action=redirect to-ports=53 protocol=udp dst-port=53 log=no log-prefix="" 
 
erlinden
Member Candidate
Member Candidate
Posts: 174
Joined: Wed Jun 12, 2013 1:59 pm

Re: port forwarding problem to mailserver zimbra

Sun Jul 09, 2017 11:19 am

What port did you forward for mail? Think that port 25 should be forwarded at leat for mail purposes. Can you explain the attached rules?
 
IntrusDave
Forum Guru
Forum Guru
Posts: 1290
Joined: Fri May 09, 2014 4:36 am
Location: Rancho Cucamonga, CA

Re: port forwarding problem to mailserver zimbra

Sun Jul 09, 2017 11:32 am

The NAT looks okay - though I would remove the DNS redirect.
Do you have the correct Forward Accept rules?

Oh, also - all of those rules could have been simplified into one.

chain=dstnat action=dst-nat to-addresses=11.11.11.212 protocol=tcp dst-port=22,25,110,143,465,587,993,995,3443,7071,7143,7993,9071,10000
David Joyce
Network & Security Engineer
Intrus Technologies, LLC.
Rancho Cucamonga, CA, USA

Who is online

Users browsing this forum: No registered users and 39 guests