Community Discussions and Support
Correct setup for access from the "outside the NAT" world

I knew it was going to be a "duh" moment when I figured it out.   I'll relate here just in case someone else has this incredible set of odd circumstances.

 I have two internet providers.   One router handles all the DHCP services and my normal domains.   The other router is simply to another backup (faster) internet connection.   Incoming connections were coming from one gateway, but the machine was setup to reply on the other gateway.

Now to see if I can force certain ports to one gateway thus enabling me to maintain a faster internet connection on this machine for other connections while keeping Mercury on the main domain.  

Routing 101 here I come. 

<p>I knew it was going to be a "duh" moment when I figured it out.   I'll relate here just in case someone else has this incredible set of odd circumstances.</p><p> I have two internet providers.   One router handles all the DHCP services and my normal domains.   The other router is simply to another backup (faster) internet connection.   Incoming connections were coming from one gateway, but the machine was setup to reply on the other gateway.</p><p><span style="font-size: 10pt;">Now to see if I can force certain ports to one gateway thus enabling me to maintain a faster internet connection on this machine for other connections while keeping Mercury on the main domain.  </span></p><p><span style="font-size: 10pt;">Routing 101 here I come. </span></p>

Newbie question that hopefully has an easy answer.

I'm not unaware of setup of proper network software but this has me stumped.   I run a multi-pc network behind a NAT router.  I currently run Web, POP3, SMTP, FTP on one server with all the appropriate ports forwarded via my DD-WRT flashed router.   All works as it should.   I serve five domains on that one PC.

 I wanted to setup Mercury Mail to offer IMAP to some of my users who travel and would like to have full access to all their email from any device.  Setup was easy.  I put Mercury Mail on a Windows 7 PC. I've created three accounts, and all works as expected "inside" the router.   I use port forwarding on the router to forward ports 143, 993, and 8088 for http.   Nothing ever reaches the PC from the outside world.   I've shut down the firewall completely (still no go)   I thought my ISP was blocking the ports, but if I forward port 143 to port 21 on my normal FTP server machine I can FTP in on port 143 without difficulty. 

I'm using the stock windows firewall (and even disabling it makes no difference).  I'm also running Microsoft Security Essentials. I'm concerned I have something incorrect in my setup that is allowing the inside the NAT world to work while attempts to connect to Mercury on 143 or 993 from outside are ignored.

 My local domain list is a very simple one.

craig craig
craig craig.domain1.com
craig craig.domain2.com

Inside machine address is 192.168.0.3 but I read somewhere that you shouldn't use that address as it means nothing outside the NAT. 

I'm either missing something on letting traffic in on the Windows 7 machine, or in my Mercury setup.  Any ideas what to test?  Where to look?

 

<p>Newbie question that hopefully has an easy answer.</p><p>I'm not unaware of setup of proper network software but this has me stumped.   I run a multi-pc network behind a NAT router.  I currently run Web, POP3, SMTP, FTP on one server with all the appropriate ports forwarded via my DD-WRT flashed router.   All works as it should.   I serve five domains on that one PC.</p><p> I wanted to setup Mercury Mail to offer IMAP to some of my users who travel and would like to have full access to all their email from any device.  Setup was easy.  I put Mercury Mail on a Windows 7 PC. I've created three accounts, and all works as expected "inside" the router.   I use port forwarding on the router to forward ports 143, 993, and 8088 for http.   Nothing ever reaches the PC from the outside world.   I've shut down the firewall completely (still no go)   I thought my ISP was blocking the ports, but if I forward port 143 to port 21 on my normal FTP server machine I can FTP in on port 143 without difficulty.<span style="font-size: 10pt;"> </span></p><p>I'm using the stock windows firewall (and even disabling it makes no difference).  I'm also running Microsoft Security Essentials. I'm concerned I have something incorrect in my setup that is allowing the inside the NAT world to work while attempts to connect to Mercury on 143 or 993 from outside are ignored.</p><p> My local domain list is a very simple one.</p><p>craig<span class="Apple-tab-span" style="white-space:pre"> </span><span class="Apple-tab-span" style="white-space:pre"> </span>craig craig<span class="Apple-tab-span" style="white-space:pre"> </span>craig.domain1.com craig<span class="Apple-tab-span" style="white-space:pre"> </span>craig.domain2.com</p><p>Inside machine address is 192.168.0.3 but I read somewhere that you shouldn't use that address as it means nothing outside the NAT. </p><p>I'm either missing something on letting traffic in on the Windows 7 machine, or in my Mercury setup.  Any ideas what to test?  Where to look?</p><p> </p>

Have you created an A record (eg: imap.domain1.com) that points to your routers IP address?  This would then be the mail server used in IMAP client configuration.

 

<p>Have you created an A record (eg: imap.domain1.com) that points to your routers IP address?  This would then be the mail server used in IMAP client configuration.</p><p> </p>

[quote user="cstrutt"]Inside machine address is 192.168.0.3 but I read somewhere that you

shouldn't use that address as it means nothing outside the NAT.  [/quote]Not relevant for IMAP.

If it works from the local lan, it's not a Mercury problem.

Recheck your port-forwards and firewall.

 

<p>[quote user="cstrutt"]Inside machine address is 192.168.0.3 but I read somewhere that you shouldn't use that address as it means nothing outside the NAT.  [/quote]Not relevant for IMAP.</p><p>If it works from the local lan, it's not a Mercury problem.</p><p>Recheck your port-forwards and firewall. </p><p> </p>

I have a record that points to the router's IP address for multiple domains.  They all get through for web, POP3 and SMTP so I know it's working.   

It looks like it may indeed be something with the Windows 7 setup. <sigh>   You would think shutting off the firewall would allow anything in.   Apparently there is some other security setting that I don't know about.  

Off I go to Windows land...... 

&lt;p&gt;I have a record that points to the router&#039;s IP address for multiple domains. &amp;nbsp;They all get through for web, POP3 and SMTP so I know it&#039;s working. &amp;nbsp;&amp;nbsp;&lt;/p&gt;&lt;p&gt;It looks like it may indeed be something with the Windows 7 setup. &amp;lt;sigh&amp;gt; &amp;nbsp; You would think shutting off the firewall would allow anything in. &amp;nbsp; Apparently there is some other security setting that I don&#039;t know about. &amp;nbsp;&lt;/p&gt;&lt;p&gt;Off I go to Windows land......&amp;nbsp;&lt;/p&gt;
live preview
enter atleast 10 characters
WARNING: You mentioned %MENTIONS%, but they cannot see this message and will not be notified
Saving...
Saved
With selected deselect posts show selected posts
All posts under this topic will be deleted ?
Pending draft ... Click to resume editing
Discard draft