Web and mail server

Hi Experts,

I have just set up the following to host websites and email for our clients -

Host - Server 2008R2 (ENT)
Virtual OS1 -(STD) Server2008R2 - D/C has the program mailenable std version installed on it for clients mail.
Virtual OS2 -(STD) WebServer2008R2 - Websites

The problem is our clients checking their webmail which also needs to come through on the same port as the webserver.(Which is on s different internal IP) I tried to make this port 8080 but I obviously have this wrong as it is not working all I get is the standard IIS7 page come up which is the default webpage on 192.168.17.10

I cant use SSL 443 as the standard of mailenable wont allow this on this version.

So I have traffic coming in on port 80 directed to internal ip 192.168.17.14
The D/C is 192.168.17.10 where mailenable is installed.

We are only using a Netgear DG834G until we decide on what hardware we require and work out the budget.
It doesnt appear that this modem can do port translation like a cisco... is this possible am I missing an easy solution here?


If you could let me know if possible to get around this would be great.

Thanks in advance
AndrewPartnerAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
AndrewConnect With a Mentor PartnerAuthor Commented:
Solution - Was to move Mail Enable to the Web Server to resolve for now thanks for your suggestions.
0
 
Aaron TomoskySD-WAN SimplifiedCommented:
These guys show how to do it in a telnet session because the web interface doesn't do it.
http://forums.thinkbroadband.com/dslrouter/3277739-netgear-dg834g-or-other-router-port-redirection.html
0
 
zulumikeConnect With a Mentor Commented:
I would recommend having 2 wan ip's and a router/firewall that can handle multiple wan-ip.
Makes things much easier....
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
Aaron TomoskySD-WAN SimplifiedCommented:
When it's time to upgrade check out the sonicwall probably tz210. Don't add wifi, do that third party.
0
 
AndrewPartnerAuthor Commented:
thanks guys..

Aaron I had actually looked at port forward yesterday have you used before? should I go ahead and do this? they seem to have a good guarantee to get it working. Had a quick look into sonicwall will take a closer look this weekend.

I hear what you are saying zulumike but it would end up being a little too costly new line, new modem, time.... down the track we will.



cheers
0
 
AndrewPartnerAuthor Commented:
Aaron..Sorry totally missed the link you were talking about re:telnet shall try that this weekend  thanks
0
 
zulumikeCommented:
You don't need two modems/two lines to have two ip's.
You can have two ip-adresses on the same line (at least from most isp's I know). And that doesn't always cost much.
But you need a firewall that can handle that. I use Fortigate and are very pleased with that.
0
 
AndrewPartnerAuthor Commented:
Your right Zulumike, thought about that yesterday... definetly would need to change the modem though... going to try the telnet option if that doesnt come off will probably go for your option cheers.
0
 
AndrewPartnerAuthor Commented:
Aaron,

Finnally got to try the telnet made it to the ip tables section but have become a little lost.

Have you tried this by any chance? there is quite a few scenarios but to clarify what I have is -

192.168.17.10 - port 25 for mailserver
192.168.17.14 - port 80 for webserver

need a port for webmail on 192.168.17.10 so according to below I should be able to follow this and get it to redirect to another port that I specify and webmail will be come possible or I can change the port for webserver.

Quoted from your weblink -

"First I suggest you create a new rules chain for your redirection. I used the following command : iptables -N MyRules

Next you can add as many rules as you which in your new chain. For example : iptables -A -i ppp0 -p tcp -m tcp --dport 100 -j DNAT --to-destination 192.168.0.87:101

This rule tells that any TCP packet coming from interface ppp0 and targeting port 100 is to be translated so as to be forwarded to port 101 on machine 192.168.0.87

Next you have to trigger this rule. I did so by inserting it in the PREROUTING chain of the translation table, using the command :

iptables -t nat -I PREROUTING 5 -i ppp0 -j MyRules"


cheers
0
 
Aaron TomoskyConnect With a Mentor SD-WAN SimplifiedCommented:
No I haven't done this

Do the first command as is. Then do this for the second:
iptables -A -i ppp0 -p tcp -m tcp --dport 8080 -j DNAT --to-destination 192.168.17.10:80

Then the third Is the same as the example.

Remember if you mess-up you can always reset the router so track any important info and backup your config.
0
 
AndrewPartnerAuthor Commented:
Fanatstic thanks for that... shall being attempting tomorrow.
0
 
AndrewPartnerAuthor Commented:
Ok had a chance to login and attempt to setu,p but ran into the issue of iptables not found attempting to resolve... if you know how to install or how to resolve would be handy. In the meantime I shall keep looking.

Cheers
0
 
ModalotEE ModeratorCommented:
Objection to let asker accept additional posts.

Modalot
Community Support Moderator
0
 
AndrewPartnerAuthor Commented:
This was the quickest and easiest for now but I believe both comments from aarontomosyl and zulmike would be of benefit down the track.
0
 
Aaron TomoskySD-WAN SimplifiedCommented:
Let us know if you have Amy questions setting up a router that handles multiple wan ips. I'd still suggesta sonicwall and not a wifi one.
0
 
AndrewPartnerAuthor Commented:
Shall do thanks for your help Aarontomosky!!!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.