Active Topics
-
The N900 is now 15 years old! (8)
to Nokia N900 by whayong - 10 hrs, 9 mins ago -
Sailfish OS for the Motorola Moto G7 Power (XT1955-5) - (ocean) (4)
to SailfishOS by Maemish - 5 days, 6 hrs ago - more...
|
2010-05-28
, 20:36
|
|
Posts: 131 |
Thanked: 62 times |
Joined on Feb 2010
|
#12
|
When I use OpenVPN to do just this, OpenVPN connects back to my server on a given address
ort which is configured in the OpenVPN config files say
my.router.public.ipaddress:1400 UPD, whatever your router is setup for
which is port forwarded through my broadband router to my server on
192.168.0.10:1400 UDP, whatever your internal network address is.
The VPN tunnel is configured to address 192.168.200.1/30 on the server end of the tunnel and 192.168.200.2/30 for the N900 end of the tunnel.
OpenVPN creates TUN0 as an interface on the N900 with network 192.168.200.0 subnet 255.255.255.252 which will of course route all TCP/UDP sessions destined for networks that are routed over TUN0, hint: setup a route for 192.168.0.0 via 192.168.200.2 for the N900 in the OpenVPN config file.
my smtp mail relay server now listens on both addressort
192.168.200.1:25 and
192.168.0.10:25
Since it is now effectively multi-homed and I can use either address on the N900 since I can reach the 192.168.200.1 address directly and I can route to 192.168.0.10 via 192.168.200.0 from the N900.
The vpn tunnel merely creates a private route direct to my mail server and therefore I can initiate any TCP session over it as I choose.
You can start/stop openvpn very easily via the command line and use different configs as you choose as command line parameters.
I haven't used SSH to tunnel for SMTP this way so can't help you with that.
rgds
Last edited by uTMY; 2010-05-28 at 21:00.
ort which is configured in the OpenVPN config files saymy.router.public.ipaddress:1400 UPD, whatever your router is setup for
which is port forwarded through my broadband router to my server on
192.168.0.10:1400 UDP, whatever your internal network address is.
The VPN tunnel is configured to address 192.168.200.1/30 on the server end of the tunnel and 192.168.200.2/30 for the N900 end of the tunnel.
OpenVPN creates TUN0 as an interface on the N900 with network 192.168.200.0 subnet 255.255.255.252 which will of course route all TCP/UDP sessions destined for networks that are routed over TUN0, hint: setup a route for 192.168.0.0 via 192.168.200.2 for the N900 in the OpenVPN config file.
my smtp mail relay server now listens on both address
ort192.168.200.1:25 and
192.168.0.10:25
Since it is now effectively multi-homed and I can use either address on the N900 since I can reach the 192.168.200.1 address directly and I can route to 192.168.0.10 via 192.168.200.0 from the N900.
The vpn tunnel merely creates a private route direct to my mail server and therefore I can initiate any TCP session over it as I choose.
You can start/stop openvpn very easily via the command line and use different configs as you choose as command line parameters.
I haven't used SSH to tunnel for SMTP this way so can't help you with that.
rgds
Last edited by uTMY; 2010-05-28 at 21:00.
| The Following 3 Users Say Thank You to uTMY For This Useful Post: | ||
 |
|
2010-05-28
, 22:07
|
|
Posts: 25 |
Thanked: 5 times |
Joined on May 2010
@ Philippines and Cambodia
|
#13
|
thanks a lot uTMY
that's about all the information i wanted / needed
i will work on it asap
this problem of blocked port 25 never occurs when going through routers in hotels while traveling
much worst - this is default problem for all ppl in the Philippines using the largest mobile phone provider Smart Communications and connecting via 3G to my servers. living and working in paradise means far from hotels and cities on beautiful islands
!!
to test I have to go out of my current temporary home in a city, as I have at my current place no mobile signal in my room to test 3G mailing
until yesterday I had another problem that suddenly disappeared - I never could ping my own localhost or 127.0.0.1 on my N900 - and last night suddenly that started to work after I did a full maemo 5 upgrade hours before ( and multiple reboot of the N900 ).
may be part of the problem also was inside my own N900. unfortunately I have the official Philippine version - that usually is weeks or months behind european version of N900
that's about all the information i wanted / needed
i will work on it asap
this problem of blocked port 25 never occurs when going through routers in hotels while traveling
much worst - this is default problem for all ppl in the Philippines using the largest mobile phone provider Smart Communications and connecting via 3G to my servers. living and working in paradise means far from hotels and cities on beautiful islands
!!to test I have to go out of my current temporary home in a city, as I have at my current place no mobile signal in my room to test 3G mailing
until yesterday I had another problem that suddenly disappeared - I never could ping my own localhost or 127.0.0.1 on my N900 - and last night suddenly that started to work after I did a full maemo 5 upgrade hours before ( and multiple reboot of the N900 ).
may be part of the problem also was inside my own N900. unfortunately I have the official Philippine version - that usually is weeks or months behind european version of N900
|
|
2010-05-28
, 22:44
|
|
Posts: 131 |
Thanked: 62 times |
Joined on Feb 2010
|
#14
|
Originally Posted by hans51
Don't forget you need to use the openvpn to mint a cert for each end, probably sufficient to use the openvpn mini howto to do this.
thanks a lot uTMY
that's about all the information i wanted / needed
i will work on it asap
this problem of blocked port 25 never occurs when going through routers in hotels while traveling
much worst - this is default problem for all ppl in the Philippines using the largest mobile phone provider Smart Communications and connecting via 3G to my servers. living and working in paradise means far from hotels and cities on beautiful islands
to test I have to go out of my current temporary home in a city, as I have at my current place no mobile signal in my room to test 3G mailing
until yesterday I had another problem that suddenly disappeared - I never could ping my own localhost or 127.0.0.1 on my N900 - and last night suddenly that started to work after I did a full maemo 5 upgrade hours before ( and multiple reboot of the N900 ).
may be part of the problem also was inside my own N900. unfortunately I have the official Philippine version - that usually is weeks or months behind european version of N900
rgds
|
|
2010-05-29
, 17:16
|
|
Posts: 25 |
Thanked: 5 times |
Joined on May 2010
@ Philippines and Cambodia
|
#15
|
Hi guys
first the good news:
the tunneling works - just exactly as in any regular linux box
on N900 - online via 3G !!
in
xterm > root > bash
then one commandline to open the tunnel
ssh -L 44999:127.0.0.1:25 root@my.mailserver.IP.xxx
in the N900 email configuration as smtp server:
127.0.0.1
port:
44999
of course you may change port - the one i use since years is a free one on my servers.
the bad news:
I have NO idea why it failed to work at the very beginning.
the only guess I have is the major maemo5 upgrade ( some 112 MB ) may have fixed a system bug ...
the certification stuff is of course already done for all the ssh connection and connection alias I use on my server systems.
on N900 simply use
ssh-keygen
to create your N900 certificate then proceed as usual in Linux environment
first the good news:
the tunneling works - just exactly as in any regular linux box
on N900 - online via 3G !!
in
xterm > root > bash
then one commandline to open the tunnel
ssh -L 44999:127.0.0.1:25 root@my.mailserver.IP.xxx
in the N900 email configuration as smtp server:
127.0.0.1
port:
44999
of course you may change port - the one i use since years is a free one on my servers.
the bad news:
I have NO idea why it failed to work at the very beginning.
the only guess I have is the major maemo5 upgrade ( some 112 MB ) may have fixed a system bug ...
the certification stuff is of course already done for all the ssh connection and connection alias I use on my server systems.
on N900 simply use
ssh-keygen
to create your N900 certificate then proceed as usual in Linux environment
 |
|
2010-06-05
, 08:54
|
|
Posts: 96 |
Thanked: 35 times |
Joined on May 2010
|
#16
|
I really don't understand the problem here.
Your ISP blocks port 25. Many do.
You run your own mail server, so simply run smtp on a different or additional port.
Then when you setup the account on the n900, instead of the default port 25, you enter the port you chose to listen on.
Forget port 25 even exists. It's your mail server, you can run it on any port you want.
Your ISP blocks port 25. Many do.
You run your own mail server, so simply run smtp on a different or additional port.
Then when you setup the account on the n900, instead of the default port 25, you enter the port you chose to listen on.
Forget port 25 even exists. It's your mail server, you can run it on any port you want.
|
|
2010-06-09
, 16:27
|
|
Posts: 131 |
Thanked: 62 times |
Joined on Feb 2010
|
#17
|
Originally Posted by breakd0wn
Hi Breakd0wn
I really don't understand the problem here.
Your ISP blocks port 25. Many do.
You run your own mail server, so simply run smtp on a different or additional port.
Then when you setup the account on the n900, instead of the default port 25, you enter the port you chose to listen on.
Forget port 25 even exists. It's your mail server, you can run it on any port you want.
You are right you could easily change the port on the SMTP server but in my case, I have many other components installed on my server already configured to use smtp service on port 25 and it would have meant changing those too, also each service I required would then need seperate configurations.
With the OpenVPN option every service I host on/through my home server becomes available to me with just one very secure configuration, much easier networking and if I lose the phone I can easily revoke the certificate.
rgds
|
|
2010-06-09
, 16:50
|
|
Posts: 20 |
Thanked: 4 times |
Joined on Sep 2007
|
#18
|
Do doubt that OpenVPN will give you a more secure implementation and is a good way to go if you can but if you need a simpler case you can use SMTP-you could configure sendmail to listen on more than one port...Preserve port 25 for you legacy processes and another listening ports for this purpose.
OK
I understand your solution
as said above I have already a tunnel simply by using
ssh -L 44999:localhost:25 root@xxx.xxx.xxx.xxx
that is default method on any Linux box as long as all ssh and server keys are already properly installed on all ends
you quote:
mailserver.vpntunnel.ip.address:25
on my linux box and local mail client it is default Linux = localhost
hence as a smtp server in the email configuration it is simply
localhost:44999 ( for my port 44999)
i have tried to use as
mailserver.vpntunnel.ip.address
anything from
localhost
127.0.0.1
192.168.2.15
??? without success
hence either there is another TO ME UNKNOWN IP in use for such ...
as a general rule
if a too such as openVPN can do
then there also should be a simple bash command line doing the very same
can u give me please the precise IP address for your LOCAL mailserver IP on your N900 ??