PFsense 2.2.2 pop3
-
-
from LAN i can't connect to the pop3…..
By default pfSEnse setup will not block [any destination - port 110].
So, please communicate your settings.Also: remove squid and everything starts to work, right ?
….but when try to sending a mail ,that mail shown a pop3 error..how do i slove this error?
retrieving mail (pop3 = destination port 110) has NOTHING to do with sending mails (smtp, on destination port 25 or 587, 465 (smtp ssl))
… except if you are using an ancient protocol (last century ?!) called pop-before-smtp which is currently being kept alive in military laboratories. -
thank you guys reply to me… i posted the LAN & WAN rules and pop3 error.
-
From that same client…
- Can the POP3 server name be resolved to IP address? nslookup mail.mi-synergy.com
- Can the POP3 server be pinged? ping mail.mi-synergy.com
- Can the POP3 server be connected to on port 110? telnet mail.mi-synergy.com 110
If the client is Windows 8, the telnet client may not be active by default. To activate it go to Control Panel - Programs - Turn Windows Features on or off. Once there find Telnet Client.
-
From that same client POP3 server name can't resolved ,can't ping and can't telnet. but i can browse the internet…
when disconnect LAN and plug a usb dongle i can send and receive mails.. -
You need to allow UDP for DNS to work. You need to allow ICMP to ping. The last LAN rule should be ANY as protocol, not TCP!
-
At this moment i can't add any rules for pfsense because now our working hours. i'll informed you after i adding that rules
thank you doktornotor, -
You need to allow UDP for DNS to work. You need to allow ICMP to ping. The last LAN rule should be ANY as protocol, not TCP!
Good shot !
DNS is completely out - ping also.
I wonder what the meaning is of that "TCP only rule" (except break an Internet connection).@damithudayangakumara : you blocked the web GUI access, are you using https ? Do you have people on your LAN that you do NOT trust ?
-
I wonder what the meaning is of that "TCP only rule" (except break an Internet connection).
I think it has no meaning, except for being poorly chosen default for new rules for some reason which users forget to change.
-
You need to allow UDP for DNS to work. You need to allow ICMP to ping. The last LAN rule should be ANY as protocol, not TCP!
Good shot !
DNS is completely out - ping also.
I wonder what the meaning is of that "TCP only rule" (except break an Internet connection).@damithudayangakumara : you blocked the web GUI access, are you using https ? Do you have people on your LAN that you do NOT trust ?
no i want to monitor what are they access and there usages..
-
You need to allow UDP for DNS to work. You need to allow ICMP to ping. The last LAN rule should be ANY as protocol, not TCP!
after adding this "IPv4 * * * * * * none"
guys pop3 error has been solved..thank you all …
-
You just need the second rule. That TCP/UDP and ICMP one is completely redundant when you have the (default) allow all on top of them.
-
I'll just point out that your WAN side rules are similarly flawed.
Your NAT rules to allow IPSec traffic to a server at 192.168.0.9 will not pass the required UDP traffic.Steve
