Re: DNS setting behind NAT router

From: Antoine EMERIT (gnagnagna_at_incredebilous.blackhole)
Date: 08/15/05 

Date: 15 Aug 2005 10:19:43 GMT

"Joseph" <bex256@yahoo.com.tw> écrivait news:1123938535.485007.152090
@g43g2000cwa.googlegroups.com:

> I don't know if it's possible to setup my sendmail working under Fedora
> Core 3.
>
> I have a domain name with a fixed IP. I have a wireless access point
> with NAT activated between my LAN and internet. I am not going to
> involve with the wireless part but just connect my linux box to the NAT
> router which has DHCP server running.
>
> My problem is how do I configure BIND and Sendmail to make Linux
> working as if it was directly connected to Internet? Can I just forward
> port 53, 25, 110 to the Linux box and keep all the public IP setting
> unchanged and just add 192.168.x.x setting to BIND?

Yes, forwards the port udp&tcp/53, tcp/25 and tcp/110 from the firewall
public access to the linux box.

But take care to configure your sendmail to disable open mail relay.

For the pop access (tcp/110), I suggest you to setup an ssl access only
(tcp/990 if I remenber).

And in your bind configuration, you should enter your Internet public ip
for the external service (i.e.: smtp.your_domain should point to your
public ip, the MX record sould point to your public access too).

In your internal LAN you should use the local server ip address (smtp and
pop server=192.xxx on your lan mail client software).

Regards

Relevant Pages

  • Re: DNS setting behind NAT router
    ... I have a wireless access point ... >> with NAT activated between my LAN and internet. ... the MX record sould point to your public access too). ... Thank you Antoine EMERIT! ...
    (comp.os.linux.networking)
  • Re: EBS 2008, TMG and external firewall. Dont want double NAT
    ... This is done because Exchange is bound to the internal interface and leaves the external interface to be *completely* controlled by TMG...a good security guideline by the way. ... If you are disabling NAT then you'll need to change this from a publishing rule to an access rule, but it should still work fine. ... The first is an access rule allows traffic from the internal IP to the external interface and to the messaging server ... One of the default rules is an "internet access for all users" that allows http and https by default. ...
    (microsoft.public.windows.server.sbs)
  • Re: Routing and Remote Access NAT - I need to modify TTL
    ... with two interfaces: PUBLIC (internet) and PRIVATE ... use it as a gateway, they can access hosts on the PUBLIC interface, TTL is ... but the replay that comes back to the NAT ... They relay on the fact that client computers accept packets with TTL=0, ...
    (microsoft.public.windows.server.networking)
  • Re: Routing and Remote Access NAT - I need to modify TTL
    ... with two interfaces: PUBLIC (internet) and PRIVATE ... use it as a gateway, they can access hosts on the PUBLIC interface, TTL is ... but the replay that comes back to the NAT ... They relay on the fact that client computers accept packets with TTL=0, ...
    (microsoft.public.windows.server.networking)
  • Simultaneous NAT overload (internet) and NAT overlapping for IPsec
    ... There is a pure IPsec tunnel between SITE1 and SITE2. ... SITE1 also has an internet connection via ISP1 which is used to ... the NAT overload from SITE1. ... interface on ISP1) its "also" translating the addresses across to ...
    (comp.dcom.sys.cisco)