Mailinglist Archive: opensuse-security (375 mails)

< Previous Next >
router-problem ?
hi list, could be that I´m in the wrong list.

The situation; See attached Network-layout

A wireless network made up of 3 Cisco Aironet APs is connected to a Nomadix
USG gateway. The Nomadix is connected to the Internet via an MXStream

The wireless network is working correctly; the only problem lies "outside"
or upstream of the Nomadix.

The Nomadix requires 2 public IP addresses. The MXStream connection only
provides one single IP address. In order to get around this, we have placed
a Netopia Router between the ADSL modem and the Nomadix. This router is
performing Network Address Translation.

The Nomadix also provides an SMTP redirect function. This means that
regardless of the SMTP settings of the end user, the nomadix sends all
outgoing email to the SMTP server of the local ISP, meaning that the end
user does not need to change his or her SMTP server at each different

In some cases (in my experience about 10% of cases), the end user cannot
send email.

The following is the issue who point-out the problem:

1) I could send very short mails (4 lines or so)

2) anything beyond that did not work.

3) telnet to on port 25 was handled by (as it should)

4) "ethereal" did tell me that the communication with the mail server the
Nomadix did emit messages that looked it came from

5) however I also saw equally frequent messages from (the
Netopia) that told me (on icmp) that the host was not reachable.

I assume that this mightily confuses the IP stack (at lease the WinXP
one). What is puzzling me is the fact that the netopia sees these
messages at all.

Mail client was configured to send via This was
correctly diverted to (the smtp server of our ISP).
However a network analyzer detected error messages coming back from the
Netopia router.

The problem then, as I see it, is that the netopia router is not correctly
configured to do NAT - it is in fact doing NAT, but it is interfering with
email, which it should not do.

Please note that MXStream uses the PPTP protocol, so the router needs to be
able to terminate a PPTP connection.

Any suggestion are most appreciated.

// glenn
< Previous Next >
This Thread
  • No further messages