Hello Everybody

I got one issue for iptables port forwarding to exchange server 2003.

here is my network setting

my linux box...
eth0 - 172.16.1.75
eth1 - 192.168.10.36


Exchange server 2003 with AD domain /dns
nic - 172.16.1.73

Client ip..
ip - 192.168.10.35/24
gw - 192.168.10.36
Dns - 172.16.1.73

(iptables config)

-A POSTROUTING -o eth0 -j SNAT --to-source 172.16.1.75
-A FORWARD -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -o eth2 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -s 192.168.10.30 -o eth0 -m state --state NEW -j ACCEPT
-A FORWARD -s 192.168.10.35 -o eth0 -p tcp -m state --state NEW -m multiport --dports 21,123,137,143,138,139,3268,389,53,53211,53212,88 -j ACCEPT
-A FORWARD -s 192.168.10.35 -o eth0 -p udp -m state --state NEW -m multiport --dports 21,123,137,143,138,139,3268,389,53,53211,53212,88 -j ACCEPT

I can telnet from client with 25,110 and even rejoin the domain.
but when I open outlook and connect with exchange setting ... popup
"exchange server is not available"

Can anybody help me out with this issue?

regards;

Well

It seems that when the answer from the AD server is SNATed to the gateway IP, when you actually asked for the IP AD server.

Remove the AD server from the SNAT or

DNAT those 25, 110 ports to the AD, and the client should ask for the gateway IP.

Hope this will help
Caveman

Thanks for your reply.

let me try and get back to you....