Avatar of Dan A
Dan A
Flag for Australia asked on

Using a VPN provided static IP for a home mail server.

Hi all,

For my own curiosity and playing around with Windows Servers at home to save me changing IP address when the ISP updates I purchased a static IP via VPN provider. Also given it would be an IP only used by me, I should be able to send mail and receive mail as it shouldn't be an IP listed in any spam filters.

I have a router which support OpenVPN and have setup port forwarding for incoming connections to my server at home. But can't seem to get anything to be seen while using the VPN static IP.

If I turn off the VPN it works but due to having the ISP public IP address I cannot send mail to a lot of people.

Is there any way I can utilize this VPN purchased static IP for my Exchange Server at home?

My ISP does not provide static IP's otherwise I would have used them.

Thanks
Dan
ExchangeVPNWindows OSWindows 10Azure

Avatar of undefined
Last Comment
Dan A

8/22/2022 - Mon
Shabarinath TR

Hello,

Did you checked if the required ports are really open through the static IP?
I would suggest to test it first to understand the issue.

https://mxtoolbox.com/diagnostic.aspx

Mx Toolbox will allow to do a test easily.

Similarly, for the outbound mails  - Check if you can telnet to a remote SMTP server, from the edge server to double-check if the outbound traffic is allowed.

Hope that helps.
Eirman

I suggest that instead of using a VPN for routing email, you use a proper outgoing mail service.
I highly recommend https://www.smtp2go.com for reliable sending of email.
I have used their free service for 10 years with no problem.

You can login anytime to confirm delivery of your emails ......

LOG Sample
Free accounts come with a monthly allowance of 1,000 emails and an hourly limit of 25 emails
(the hourly limit is removed when you verify your sender domain.)
Paid accounts have no hourly limit and your monthly allowance is based on the plan you choose.

If your account has an allowance of at least 100,000 emails per month,
they automatically assign a dedicated IP address to you.
Qlemo

Let's see how we understand your desired configuration:

Your router is connect via ISP (dynamic public IP) to WAN.
On the router you run OpenVPN to a VPN provider assigning another different (static) public IP.
You expect the VPN to be used for SMTP traffic while connected.

I'm not clear how you imagine to manage that. Does your router allow for policy based routing (source IP or port based)? Exchange tries to send directly to the target mail server, so you cannot run this with conventional static routing.
Reverse, I don't know if the router is able to NAT your internal Exchange server IP correctly to the static public IP either.
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy
Dan A

ASKER
Hi Qlemo, essentially the 3 lines on configuration are correct as per your above mentioned.

The router I have is a Netgear XR500, allows OpenVPN. What I thought was that when I VPN either specific ports or the whole server that it would use the port forwarding back to my internal server, I was thinking that once it hit the router, the router knows to spit it out to the internal server address. I have added a number of different ports for testing. When performing a port scan, the only port which comes back open is 443, with the others showing "filtered". The below are the port forwards.

Screenshot of router.
Qlemo

You expect too much. ONly traffic originating from outside gets mapped correctly. Outgoing traffic, which is no reply on an existing TCP connection (session), will go out via the default gateway.
ASKER CERTIFIED SOLUTION
Jackie Man

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
Dan A

ASKER
Thank you all, very much appreciated. I was thinking this was the solution to all my home network testing solution.

I will look into the smtptogo site as well. Maybe they will be open to giving me a refund.

Kind regards
Dan
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
Eirman

I cannot send mail to a lot of people
I guarantee that SMPT2GO will fully resolve that problem.

(You also can use the same smtp2go credentials to email from your phone).
Dan A

ASKER
Just a follow up question for Eirman, I now have my email routing outbound via SMTP2GO, is there a solution to get inbound mail happening given I have an ISP dynamic IP Address.

 https://www.experts-exchange.com/questions/29167866/Using-a-VPN-provided-static-IP-for-a-home-mail-server.html?anchorAnswerId=43000973#a43000973
Dan A

ASKER
Heya all,

Just dropping a line to let you know that I found a solution rather than using something like SMTP2GO, I have come across the software https://ddnsbroker.com/ which updates all my host-names dynamically and so far so good, with a signed domain.

Thanks
Dan
All of life is about relationships, and EE has made a viirtual community a real community. It lifts everyone's boat
William Peck