This discussion has been locked.

Mac email client did not send/receive Gmail....but it now does after reinstalling the UTM and setting up Masquerade NAT - why is this??

I just installed UTM SW 9.705-3 on an old Dell PC with two n/w cards - one card connected to my router and the other to a switch for my internal network where I have various Macs and PCs.

Installation went well and I accepted the prompted default installation that included enabling the Firewall settings to allow Web traffic, email traffic, etc. and Web filtering set as transparent mode.

The good news is that I could browse the web however I could NOT send or receive gmail email. 

I had no SMTP or POP3 proxies set up, just the default firewall rules....see attached. Even if I created an additional rule for SMTP SSL 587, mail still would not send. After many hours of playing I gave up. I then....

....reinstalled the UTM. 

I answered the initial installation questions exactly the same again however THIS TIME it had also created a masquerading rule in the NAT section - see attached. All email now sends and receives - hoorah

All very strange, and though I am very happy that all is good now, can anyone please explain to me why it needs a Masquerade rule set up at all when surely the firewall rules would have been adequate?

Many thanks in advance..

regards, Jonathan

  • Hi Jonathan and welcome to the UTM Community!

    I'm guessing that you didn't specify the WAN port during your first installation, but that you added it after the install.  The second time, the installation wizard knew you had a WAN port and automatically created the masq rule.

    Without a masq rule, your packets were sent out on the internet with a sender IP from your internal network.  When Gmail responded to contacts from you, there was no way for the Internet to route the traffic back to you.

    Masquerading changes the sender IP to the public IP on your WAN interface and the Internet knows how to route that back to your UTM.  The UTM's connection tracker knows that the response should be sent back to your Mac, so it changes the recipient IP to your Mac's IP and sends the packet there.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
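
The behaviour described in the answer above, as an added example that is not part of the original thread and is not Sophos UTM code: a toy gateway that rewrites the source address and keeps a connection-tracking table, run once without and once with masquerading. All addresses and ports are constructed sample values, and the `Gateway`, `routable` and `round_trip` names are hypothetical.

```python
import ipaddress

# All addresses below are constructed sample values, not taken from the thread.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
WAN_IP = "203.0.113.10"

class Gateway:
    """Toy model of a NAT gateway with a connection-tracking table."""
    def __init__(self, wan_ip, masquerade):
        self.wan_ip, self.masquerade = wan_ip, masquerade
        self.conntrack = {}      # (wan_port, remote_ip, remote_port) -> (lan_ip, lan_port)
        self.next_port = 40000

    def outbound(self, pkt):
        """Forward a LAN packet to the WAN, rewriting the source when masquerading."""
        if not self.masquerade:
            return dict(pkt)     # private source address leaves unchanged
        wan_port, self.next_port = self.next_port, self.next_port + 1
        self.conntrack[(wan_port, pkt["dst"], pkt["dport"])] = (pkt["src"], pkt["sport"])
        return {**pkt, "src": self.wan_ip, "sport": wan_port}

    def inbound(self, pkt):
        """Translate a reply back to the LAN host; None means no tracked connection."""
        entry = self.conntrack.get((pkt["dport"], pkt["src"], pkt["sport"]))
        if entry is None:
            return None
        return {**pkt, "dst": entry[0], "dport": entry[1]}

def routable(ip):
    """Internet routers have no route to RFC 1918 private addresses."""
    return not any(ipaddress.ip_address(ip) in net for net in RFC1918)

def round_trip(gw, pkt):
    """Send pkt through gw, let the server answer, return what reaches the LAN."""
    sent = gw.outbound(pkt)
    if not routable(sent["src"]):
        return None              # the server's reply has nowhere to go
    reply = {"src": sent["dst"], "sport": sent["dport"],
             "dst": sent["src"], "dport": sent["sport"]}
    return gw.inbound(reply)

MAC_TO_MAIL = {"src": "192.168.1.20", "sport": 51000, "dst": "198.51.100.25", "dport": 587}

if __name__ == "__main__":
    print("no masq:", round_trip(Gateway(WAN_IP, False), MAC_TO_MAIL))
    print("masq:   ", round_trip(Gateway(WAN_IP, True), MAC_TO_MAIL))
```

The same table is why an inbound packet that matches no tracked connection is not forwarded to any internal host.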