[afnog] mail server

Hyeroba Peter phyeroba at cfi.co.ug
Wed Dec 17 10:50:47 UTC 2008 

Hi guys,
Can I configure an interface e.g. my eth0 to be the DMZ and the External
i.e. FW_DEV_DMZ, FW_DEV_EXT on my SuSEfirewall2 file to point to the same
device? What implications does this have?

Also can I have a fire wall with just the DMZ and without the external i.e
FW_DEV_DMZ and FW_DEV_INT only set?

Kind Regards,

Hyeroba W. Peter 
Computer Frontiers International limited;
Tel: +256 31 230 1800 or +254 41 456 4200; Fax: +256 41 434 0456;
Cell-phone: +256 78 247 9192;
Website: www.cfi.co.ug 


-----Original Message-----
From: SM [mailto:sm at resistor.net] 
Sent: Wednesday, December 17, 2008 11:37 AM
To: Hyeroba Peter
Cc: afnog at afnog.org
Subject: Re: [afnog] mail server

Hi Peter,
At 23:38 16-12-2008, Hyeroba Peter wrote:
>Thanx for the help so far, I removed the settings that you advised and I
>still cannot access the webmail from my network, though others can access
it
>from outside my network over the internet.

Although the subject line says mail server, this problem is not 
related to a mail server.  You mentioned that you cannot access the 
webmail from your network without explaining how you tried to access 
the webmail and the error you got.

I'll make the following assumptions:

Your internal network is behind a NAT with webmail.example.com as the 
hostname for server where the webmail is running.  The 
webmail.example.com domain resolves to 192.0.2.1.  You cannot reach 
that IP address from inside your network.  You have to use 192.168.0.1
instead.

If your network users want to use http://webmail.example.com to 
access webmail, you will have to have the domain resolve to IP 
address 192.168.0.1.  That means configuring your internal DNS server 
to return a different IP address instead of the one seen (192.0.2.1) 
from the Internet.  Alternately, you can edit the hosts file on each 
workstation to have the domain resolve to an IP address which is 
reachable from the internal network.

If you are accessing the webmail by IP address (http://192.168.0.1/) 
and you cannot get to webmail, it could be because the webmail uses a 
specific virtual host in the web server configuration.  In general, I 
suggest using the fixed mentioned above instead of adding a 
ServerAlias in the web server configuration.

There are other possible causes for such problems (firewall, web 
proxy, etc).  The best way to get help is to clearly describe the 
problem in technical terms.  That means providing details about what 
you attempted to do, the steps you followed and the errors or warnings you
got.

Regards,
-sm

More information about the afnog mailing list