
I set up a router with ip-forwarding on Ubuntu 16.04 Server edition. I enabled ip-forwarding in /etc/sysctl.conf. I have set

net.ipv4.ip_forward=1

and executed

sysctl -p /etc/sysctl.conf

I used the following iptables commands:

iptables -A FORWARD -i ${PRV_IF} -s ${PRV_NET} -o ${PUB_IF} -j ACCEPT
iptables -A FORWARD -i ${PUB_IF} -d ${PRV_NET} -o ${PRV_IF} -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A POSTROUTING -t nat -o ${PUB_IF} -j MASQUERADE

I have a different local Linux machine behind the router in ${PRV_NET}, from which I want to access server ports like 22, 25, 80, etc. on the Internet, e.g. on myserver.com.

For example, accessing ports 22 and 80 on myserver.com from my local machine works:

telnet myserver.com 22 ... works
telnet myserver.com 80 ... works

However I cannot access a mail server on myserver.com from the local machine:

telnet myserver.com 25 ... hangs up

The last command hangs up and never returns.

How can I access mail servers from the local network? Are there any mistakes in the iptables commands?

sosusu
  • Where are these machines located? Who are the Internet service providers? – Michael Hampton Jul 22 '16 at 21:37
  • How do you know the connection "hangs up"? In SMTP it is not unusual for the server to not send a banner, so it may be waiting for you; or maybe that service is not open on myserver.com. Suggest running tcpdump ("tcpdump -nnv tcp port 25") on your local Linux machine to see whether or not you are getting a SYN-ACK, or perhaps a RST, from myserver.com when you try the telnet on port 25. – Jeremy Dover Jul 22 '16 at 21:40
  • Location is Germany, Provider Hetzner – sosusu Jul 22 '16 at 21:53
  • The mail-service is running, I have access to the mail-server. Besides, I can access port 25 via telnet from the router. I am sorry I am not familiar with tcpdump, I will have a look at that and post information. – sosusu Jul 22 '16 at 22:14
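
The check suggested in Jeremy Dover's comment (does a SYN-ACK, an RST, or nothing come back on port 25?), as an added example that is not part of the original thread. The function name `classify_handshake`, the sample captures and their addresses are constructed for illustration; the parser assumes tcpdump's usual text layout with `-nn`, with or without `-v`.

```shell
#!/bin/sh
# Added example: classify the TCP handshake outcome for one server port from
# tcpdump text output (plain or -v layout) read on stdin.
# Prints: syn-ack | rst | no-reply | no-syn
classify_handshake() {
    awk -v port="$1" '
    function last_part(s,    a, n) { n = split(s, a, "[.]"); return a[n] }
    {
        # Locate "SRC > DST: Flags [..]" wherever it sits on the line.
        for (i = 2; i + 3 <= NF; i++) {
            if ($i != ">" || $(i + 2) != "Flags") continue
            src = $(i - 1); dst = $(i + 1); flags = $(i + 3)
            sub(/:$/, "", dst)
            is_syn = index(flags, "S") > 0
            is_ack = index(flags, ".") > 0
            if (last_part(dst) == port && is_syn && !is_ack) syn++
            if (last_part(src) == port && is_syn && is_ack) synack++
            if (last_part(src) == port && index(flags, "R") > 0) rst++
        }
    }
    END {
        if (synack)   print "syn-ack"   # server answered; port is reachable
        else if (rst) print "rst"       # connection was actively refused
        else if (syn) print "no-reply"  # SYN left, nothing came back
        else          print "no-syn"    # capture saw no connection attempt
    }'
}

# Constructed capture (documentation addresses): SYN retransmitted, no answer.
sample_silent() {
    cat <<'EOF'
21:40:01.000000 IP 192.0.2.10.51514 > 203.0.113.5.25: Flags [S], seq 1000, win 29200, length 0
21:40:02.000000 IP 192.0.2.10.51514 > 203.0.113.5.25: Flags [S], seq 1000, win 29200, length 0
EOF
}

# Constructed capture in -v layout: handshake answered with SYN-ACK.
sample_open() {
    cat <<'EOF'
21:41:01.000000 IP (tos 0x0, ttl 64, id 1, offset 0, flags [DF], proto TCP (6), length 60)
    192.0.2.10.51520 > 203.0.113.5.25: Flags [S], cksum 0x1a2b (correct), seq 2000, win 29200, length 0
21:41:01.030000 IP (tos 0x0, ttl 52, id 0, offset 0, flags [DF], proto TCP (6), length 60)
    203.0.113.5.25 > 192.0.2.10.51520: Flags [S.], cksum 0x3c4d (correct), seq 3000, ack 2001, win 28960, length 0
EOF
}

sample_silent | classify_handshake 25
sample_open | classify_handshake 25
```

Feed it the saved text output of a finished capture; a `syn-ack` result means the TCP connection itself succeeded and the wait is for the SMTP banner.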

0 Answers