

Problem accessing secondary network at home

Posted on 2011-05-05
Medium Priority
Last Modified: 2012-05-11
ATT Uverse is my ISP. They provided me with a 2wire router and a block of IP addresses. I have a sonicwall in front of the 2wire with its own public IP. From outside my home I can access everything I need to just fine.

The 2wire router has a built-in WAP and it serves the internet to my family. I do a lot of work out of my house and have to tunnel into a couple of client sites and that is why I have the sonicwall. I host my mail server in-house, which is behind the sonicwall as well, and I would like for my family to be able to reach it from the 2wire and right now they are unable to. I have access rules that allow source * to the IP on the LAN that belongs to the mail server. Any ideas why I wouldn't be able to connect from the 2wire network using a different public IP to my mail server that is behind the sonicwall? My guess is there is a route or another access rule I'll need but I am not sure what it is.
Question by:J C

Expert Comment

ID: 35696649
Disable the DNS client service on the computer in question. That'll
prevent it from caching DNS entries locally, and ask the DNS server for
every name it needs to resolve.

LVL 12

Expert Comment

ID: 35696734
Can you ping the mail server using the domain name from the machines connected to the 2wire?
Ping results will confirm that you are able to communicate between the mail server and the family lan.

Also I am assuming you are connecting the 2wire router behind the sonic wall and you are able to access the mail server from the exterior.
In this case look at the machine that is hosting the mail server.
Is there a strict firewall on the machine in question?
Are there any restrictions at the mail server itself for relaying mails?

What mail server are you running?

LVL 33

Expert Comment

ID: 35698461
What model of sonicwall do you have? You mention * in your rule, so I'm assuming you have a tz170 with standard OS.

Author Comment

by:J C
ID: 35704185
When I ping the mail server from a computer connected to the 2wire it resolves correctly to the outside IP of the Sonicwall but times out. I cannot connect on any port to the mail server either. I am sure it has something to do with the sonicwall and needing a setting tweaked. There is nothing on the mail server as far as a firewall itself that is restricting connections to it.

TZ 180.
LVL 12

Expert Comment

ID: 35704375
I reckon the sonicwall is configured to drop off ping packets.
For mail server to work with your 2wire clients, the sonic
wall has to allow specifically traffic on port 25 and 110.

Some of the other ports which may also need to be open at the sonicwall depending
on what type of mail server you are running.
POP3 - port 110
IMAP - port 143
SMTP - port 25
Secure SMTP (SSMTP) - port 465
Secure IMAP (IMAP4-SSL) - port 585
IMAP4 over SSL (IMAPS) - port 993
Secure POP3 (SSL-POP) - port 995

If you are running the Sonicwall Email Security Solution you will have to configure it correctly to
allow access from the exterior for the mail packets.

Just for testing, is it possible to connect and test your 2Wire client via a switch to the email server?
LVL 33

Accepted Solution

digitap earned 2000 total points
ID: 35707297
Does the 2wire have a public IP? You indicate that the sonicwall is in front of the 2wire. If your "users" can't access the mail server, then it's possible (in this configuration) that you need a loopback. If you run the public server wizard on the 180, it should create ingress, egress and loopback NAT policies. The loopback allows internal hosts to access an internal server using the public IP.
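
The loopback policy described in the accepted answer, as an added example that is not part of the original thread and is not SonicOS code: a simplified Python model of NAT policy matching that shows why an internal client gets no answer on the public IP when only the ingress policy exists. All addresses are constructed documentation ranges, the client is assumed to sit on a subnet behind the firewall, and the source rewrite in the loopback policy is an assumption based on how hairpin NAT generally works; the egress policy is left out.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed addresses (documentation ranges), not taken from the thread.
LAN = ip_network("192.168.10.0/24")       # subnet behind the firewall
PUBLIC_IP = ip_address("203.0.113.10")    # public IP the mail name resolves to
MAIL_SRV = ip_address("192.168.10.25")    # mail server's private address

@dataclass(frozen=True)
class Policy:
    name: str
    in_zone: str             # zone the packet arrives from: "WAN" or "LAN"
    orig_dst: object         # destination address the policy matches
    new_dst: object          # translated destination
    new_src: object = None   # translated source; None keeps the original

# Ingress: outside hosts reaching the public IP are forwarded to the server.
INGRESS = Policy("ingress", "WAN", PUBLIC_IP, MAIL_SRV)
# Loopback (assumed shape): same destination rewrite for LAN clients, plus a
# source rewrite so the server's reply comes back through the firewall.
LOOPBACK = Policy("loopback", "LAN", PUBLIC_IP, MAIL_SRV, new_src=PUBLIC_IP)
# Hypothetical broken variant with no source rewrite, for comparison.
LOOPBACK_NO_SNAT = Policy("loopback-no-snat", "LAN", PUBLIC_IP, MAIL_SRV)

def translate(policies, src, dst):
    """Return (policy name, src, dst) after NAT, or None when nothing matches."""
    src, dst = ip_address(src), ip_address(dst)
    zone = "LAN" if src in LAN else "WAN"
    for p in policies:
        if p.in_zone == zone and p.orig_dst == dst:
            new_src = p.new_src if p.new_src is not None else src
            return p.name, str(new_src), str(p.new_dst)
    return None  # no policy: the packet is never forwarded to the server

def reply_returns_via_firewall(result):
    """The server answers the translated source. If that is still a LAN
    address the reply goes straight to the client, bypassing the firewall,
    and the client drops it because it never contacted that address."""
    return result is not None and ip_address(result[1]) not in LAN

if __name__ == "__main__":
    for rules in ([INGRESS], [INGRESS, LOOPBACK_NO_SNAT], [INGRESS, LOOPBACK]):
        r = translate(rules, "192.168.10.50", str(PUBLIC_IP))
        print([p.name for p in rules], r, reply_returns_via_firewall(r))
```
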
