Re: Unable to Establish Telnet Connection to Outside Static IP

Dougger, be very specific with them. Ask them 'is the activity using SMTP to
send mail', you might also ask them 'do you expect to be able to collect
mail via POP3'.

The test from inside your network to the public IP may be failing for a
quite different reason, a limitation of most routers known as 'loopback
connection processing'. This is where a router accepts a request on it's
internal IP for a resource on the external IP which is redirected to a
server on the internal subnet, most simple NAT routers do not handle this.
(even some more advanced firewall devices don't)

SMTP operates via port 25. From a DOS box on the server, 'telnet internalIP
25' do you get a response? You don't say whether you are running a single or
dual NIC config, if running dual NICs on the server we'll come back to it, I
don't want to complicate things.

If you get a connection you should get a reply from Exchange, the SMTP
banner, type 'quit' to exit but you wont see it echoed.

I'm guessing you have port forwarding on the router set up, you want to
forward publicIP:25 to SBSIP:25 then test _from outside_ the network.

If this process also needs to collect mail you will need to start, and set
to auto, the POP service.

"Joe" <joe@xxxxxxxxxxxxxx> wrote in message
news:e1ZnwhaZHHA.4692@xxxxxxxxxxxxxxxxxxxxxxx
Dougger34 wrote:
I believe the telnet connection is trying to be made to our exchange
server which is also our Windows Small Business Server. The outside
company that is setting it all up told me that they cannot establish a
telnet from inside our network to our outside static IP. Should they be
trying to telnet within our network? I have to be honest and tell you
that I have very little experience with telnet.


It's an old TCP/IP protocol for sending data and commands to a remote
machine, and can be used for many things. I would have thought a safer
protocol would be used in the twenty-first century. The default port
for a Telnet server is 23, but they are risky things to run, and in
any case a Telnet client can connect to many kinds of server. The
suspicion has to be that in this case it needs to connect to a SMTP
server, on port 25. Telnet traffic is not encrypted in any way. Not
even the passwords. Bad idea.

What I would also have thought is that to connect from one LAN machine
to another by going out of the front door and back in again, as it were,
is not the best way of doing things. I have a feeling that some routers
will accept connections to their WAN port via their LAN ports, and some
won't. Even if your present router was willing to play ball, a future
replacement might not.

You're sitting in the middle, and without us knowing exactly what needs
to be achieved, we probably can't help much. My best guess at the moment
is that something on the SBS needs to send email to the Linux machine.
As far as I know, there's no command-line email client available on a
Windows machine, but presumably the Exchange API can be used.

I also don't see the problem with Exchange. It's entirely normal for
more than one SMTP server to exist in a network, and they can either
be totally independent or one can use another for relaying. The only
limitation is that incoming SMTP can only be routed to one of them, but
that's not a problem, as it can relay to others as necessary.

If we knew what needs to send email where, and whether Telnet really
needs to be involved, we could probably advise you. It seems fairly
certain that the public IP address should only be involved in Internet
connections, and anything within the LAN should avoid trying to use it.


.

Loading