How to route outgoing traffic going to port 25 into different gateway?

You need to tell the router to pass/NAT 10.x.y.z too, not only 192.168.1.0/24. I don't know if that's possible with the "plastic/appliance" routers, but it's certainly possible with FreeBSD / OpenWrt / Cisco / anything where you have more control than a simple web interface. While your default gateway is through 10.x.y.w, the local IP of all your outgoing connections will be 10.x.y.w. If you run sendmail locally, you can tell it to send from 192.168.1.90 via the ClientPortOptions config directive.
 
You need to tell the router to pass/NAT 10.x.y.z too, not only 192.168.1.0/24. I don't know if that's possible with the "plastic/appliance" routers, but it's certainly possible with FreeBSD / OpenWrt / Cisco / anything where you have more control than a simple web interface. While your default gateway is through 10.x.y.w, the local IP of all your outgoing connections will be 10.x.y.w. If you run sendmail locally, you can tell it to send from 192.168.1.90 via the ClientPortOptions config directive.
Thanks! I'm not sure if that would be possible with my router, but I will try tomorrow.

While your default gateway is through 10.x.y.w, the local IP of all your outgoing connections will be 10.x.y.w.
I thought that the packet flow with VPN on was like that:
192.168.1.90 (me) -> 192.168.1.1 (router) -> 10.x.y.z (VPN server; a gateway) -> destination. And receiving is in backward order. Since the VPN server acts as a gateway, with incoming traffic, it tells my router that the destination should be 192.168.1.90, so now the router knows where to send packets.

But now what we're trying to do is:
192.168.1.90 (me) -> 192.168.1.1 (gateway) -> ...
but the packet that we send this way has a source address of 10.x.y.z, which my router can't handle?

But now I thought about it once again and got confused: how does the ipfw rule that I added work then? I mean, it forwards packets to 192.168.1.1, but the packet would go into my router anyway, otherwise how would it access 10.x.y.z? I'm certainly lacking some basic knowledge here, but I believe I will now learn from practice.
 
When you bypass the VPN with ipfw forward, the initial TCP packet will be created as usual, with the source address of the interface having the default route, so 10.something. So it will leave your system via the em0 Ethernet interface but with a source of 10.x.x.x. There are 3 possibilities at the router:
The router sees 10.x.y.z as the source and drops it because it's not its idea of a legit LAN packet.
The router sees 10.x.y.z as the source and passes it without NAT, so it is most likely dropped at your ISP or somewhere upstream (anyway, nobody knows how to reply to it).
The router sees 10.x.y.z, translates it and passes it (in this case it will work).

So unless you can properly set up the router (small chance unless it runs Linux and you can SSH into it, but even then saving the config may be problematic), the best option is to run an MTA locally that can send mail from 192.168.1.90 (sendmail can; I don't know about Postfix or others; dma does not seem to be able to do it).
Then (with sendmail) you can send mail from the command line, or if you have a desktop program like Thunderbird, configure it to use SMTP on localhost.
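The point the thread keeps returning to, source address selection, can be seen on any machine. This is an added example, not part of any post above: it shows that an unbound client socket takes the source address the kernel derives from the route, while a socket bound first (the step the thread attributes to sendmail's ClientPortOptions) leaves with the chosen address. Assumptions: 127.0.0.1 stands in for the destination and 127.0.0.2 for 192.168.1.90; binding to 127.0.0.2 without extra setup works on Linux, while on FreeBSD it needs an alias on lo0.

```python
import socket

def source_seen_by_peer(listen_ip, bind_ip=None):
    """Open a TCP connection to a throwaway local listener and return the
    source IP address the listener observes for that connection."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as srv:
        srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        srv.bind((listen_ip, 0))      # port 0: the kernel picks a free port
        srv.listen(1)
        port = srv.getsockname()[1]

        # bind_ip=None  -> the kernel chooses the source address from the
        #                  route to the destination (the default behaviour).
        # bind_ip given -> the socket is bound before connect(), so the
        #                  packet carries that address regardless of route.
        src = (bind_ip, 0) if bind_ip else None
        with socket.create_connection((listen_ip, port), timeout=5,
                                      source_address=src):
            conn, peer = srv.accept()
            conn.close()
            return peer[0]

if __name__ == "__main__":
    DEST = "127.0.0.1"   # constructed stand-in for the remote mail server
    LAN = "127.0.0.2"    # constructed stand-in for 192.168.1.90
    print("unbound client seen as:", source_seen_by_peer(DEST))
    print("bound client seen as:  ", source_seen_by_peer(DEST, LAN))
```

Python's `smtplib.SMTP` accepts the same `source_address` tuple, so a script that sends mail directly can pin its source address the same way.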
 