# outlook cant connect through FreeBSD box



## kondziq (Jun 24, 2010)

Hi Guys, 

I just set up Outlook 2007 on a PC and trying to connect to a pop3 server (somewhere outside, say yahoo for example). I can see this in my pflogs:

```
20:35:11.948561 rule 23/0(match): pass in on rl1: 192.168.1.10.49803 > 77.238.178.122.110: [|tcp]
20:35:11.948601 rule 24/0(match): pass out on rl0: 172.16.10.2.59910 > 77.238.178.122.110: [|tcp]
20:35:32.969043 rule 25/0(match): pass in on rl1: 192.168.1.10.49805 > 77.238.178.122.25: [|tcp]
20:35:32.969096 rule 26/0(match): pass out on rl0: 172.16.10.2.50128 > 77.238.178.122.25: [|tcp]
```
Outlook however, says it can't connect. I also tried same account with the same settings with another, direct connection (not through my FreeBSD box) and it runs fine. So somehow my BSD causes problems here. Any hints? What do I need to change/add ? Is it because of NAT ?


----------



## aragon (Jun 25, 2010)

Use tcpdump(1).


----------



## SirDice (Jun 25, 2010)

You're NAT'ing to another RFC-1918 address. The packet will arrive at the server but the server has no way to respond. 

Post you pf.conf so we can have a look.


----------



## kondziq (Jun 25, 2010)

Hi Guys, 

@aragon: what flags ? The above is 
	
	



```
tcpdump -n -e -i pflog0
```

Relevant pf rules: 


```
nat on $ext_if from <int_trusted> to any -> $ext_if

pass in log quick on $int_if proto tcp from <int_trusted> to port pop3
pass out log quick on $ext_if proto tcp from $ext_if to port pop3
pass in log quick on $int_if proto tcp from <int_trusted> to port smtp
pass out log quick on $ext_if proto tcp from $ext_if to port smtp
```

Thanks,
K.


----------



## DutchDaemon (Jun 25, 2010)

Try [cmd=]tcpdump -s 0 -nli pflog0[/cmd] to see full line.


----------



## kondziq (Jun 25, 2010)

Got this : 


```
19:04:09.057933 IP 192.168.1.10.49348 > 85.128.128.99.110: Flags [S], seq 483725931, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
19:04:12.054131 IP 192.168.1.10.49348 > 85.128.128.99.110: Flags [S], seq 483725931, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
19:04:18.053945 IP 192.168.1.10.49348 > 85.128.128.99.110: Flags [S], seq 483725931, win 8192, options [mss 1460,nop,nop,sackOK], length 0
19:04:30.065592 IP 192.168.1.10.49350 > 85.128.128.99.25: Flags [S], seq 348086758, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
19:04:33.063443 IP 192.168.1.10.49350 > 85.128.128.99.25: Flags [S], seq 348086758, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
19:04:39.063300 IP 192.168.1.10.49350 > 85.128.128.99.25: Flags [S], seq 348086758, win 8192, options [mss 1460,nop,nop,sackOK], length 0
```

K.


----------



## aragon (Jun 26, 2010)

Sorry.  I meant to use tcpdump on your ethernet device(s), not the pflog device.  Pay heed to SirDice's post too.  Why are you natting to another RFC1918 address?


----------



## kondziq (Jun 26, 2010)

Guys, 

Sorry for the trouble, turned out I forgot about my modem/router in front of my FreeBSD box blocking connections as well (as it also has built in FW). Once I unblocked it everything worked fine. 

Thanks very much for help anyway! 
K.


----------

