Mailing List CGatePro@mail.stalker.com Message #106525
From: Shaun Gamble <listrdr@redco.com.au>
Subject: Re: Multiple NIC problem
Date: Fri, 11 Aug 2017 09:21:15 +1000
To: CommuniGate Pro Discussions <CGatePro@mail.stalker.com>
It is assigned to the main domain, as is the 203.x.x.x address. It was the only way I could receive mail from clients on the internal network.

With regards to why is the 192.x.x.x address for NIC2 not assigned as a LAN address, perhaps I have read the manual incorrectly however I would have thought it was not needed since the address had already been assigned to the Server LAN IP address. Does it also require to be assigned as a LAN address???


On 10/08/2017 10:04 PM, Technical Support wrote:
Hello,

On 2017-08-09 08:00 , Shaun Gamble wrote:
CGP v 6.1.16 (with test .18 dlls)

Windows 2012 64bit

Internal NIC 192.168.x.x

External NIC 203.x.x.x

Our internal networks are all connected through a third party firewall [58.x.x.x] for normal traffic. Internally, our clients connect to the mail server on the mail server's internal NIC. The mail server is connected to the internet through its own internet connection (connected via its external NIC). Internal route command deals with traffic for internal networks (192.x.x.x) and everything else is routed out via the mail servers external NIC. Only the mail server can send traffic out of its external NIC.

Settings->Network

Server LAN IP Address is set to [192.x.x.x]

WAN IPv4 Address is set to [203.x.x.x]

No LAN IP addresses listed.

This has been working quite well for quite a while. The config is not new. However, we received some emails rejected to to reverse DNS errors. The IP listed was our external firewall. It should not have been possible. After viewing the logs I find this (a lot cut out, just proof CGP was sending the outgoing traffic via the wrong NIC, trinitylinks is the receiving server, not mine):

10:36:49.513 4 SMTP-002976(trinitylinks.com.au) connecting [0.0.0.0]:0 -> [202.74.68.5]:25
10:36:49.734 4 SMTP-002976(trinitylinks.com.au) [192.x.x.x]:65032 -> [202.74.68.5]:25 connected to mail.trinitylinks.com.au(ESMTP)
10:36:50.542 4 SMTP-002976(trinitylinks.com.au) cmd: RCPT TO:<reception@trinitylinks.com.au>  NOTIFY=FAILURE,DELAY
10:36:52.502 4 SMTP-002976(trinitylinks.com.au) rsp: 550 5.7.0 Your server IP address [58.x.x.x] is missing a reverse DNS entry. Seehttp://spamauditor.org/best-practices/check-ip-reverse-dns/ for more information. Protection provided by MagicSpam 2.0.10-1http://www.magicspam.com

I "fixed" the problem by changing Settings->Mail->SMTP->Sending Source IP Address from [OS Default] to [203.x.x.x]. Have I missed a setting somewhere? I am pretty sure this has only started since I upgraded CGP to 6.1.16, it happened before the .18 test dlls.

That IP 192.x.x.x apparently assigned to one of the domains in CGPro config (the main one?) and since it's not in the LAN IPs ranges (why?) the server tried to use it for outgoing mail connection. That translated to the OS default routing through that 58.x.x.x address.


--

Shaun
Fitzroy Island <http://www.fitzroyisland.com>
Destination Darwin NT <http://www.destinationnt.com>
MOM Backpackers <http://www.momdarwin.com>
Value Inn Hotel <http://www.valueinn.com.au>
Please do not send any unsolicited email. It is not wanted.

Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster