EFW Support
Welcome,
Guest
. Please
login
or
register
.
Did you miss your
activation email?
Wednesday 27 November 2024, 03:47:34 am
1 Hour
1 Day
1 Week
1 Month
Forever
Login with username, password and session length
Visit the official Endian Community Mailinglist
HERE
14261
Posts in
4377
Topics by
6517
Members
Latest Member:
Sandro
Search:
Advanced search
EFW Support
Support
General Support
DNAT Policy Not working correctly - can someone give me a hand!?!
0 Members and 0 Guests are viewing this topic.
« previous
next »
Pages:
[
1
]
Author
Topic: DNAT Policy Not working correctly - can someone give me a hand!?! (Read 8437 times)
jbrent
Jr. Member
Offline
Posts: 3
DNAT Policy Not working correctly - can someone give me a hand!?!
«
on:
Friday 11 December 2009, 06:53:44 am »
First off - Endian Community is blowing the socks off my aging Symantec Gateway Security 1620...Rock.
FTP access speeds have doubled web traffic speeds have double... Amazing.
I have everything working beautifully except for one snafu which might make me have to roll back to my old appliance.
Here is my setup:
Endian External IP: 207.67.55.x
Internal IP: 10.0.0.2
Barracuda: 10.0.0.3
Exchange: 10.0.0.4
My Problem:
I only allow our internal network (10.0.0.x) to use smtp in Exchange.
All our incoming mail from the world hits 207.67.55.x and is routed to our Barracuda which delivers email to our Exchange server.
I have setup a SMTP backdoor for people outside the office to use if port 25 is blocked by their ISP or hotel or whatever.
I use port 465 for this purpose.
So I setup a Port Forwarding / NAT rule the same way I do with SMTP but instead of 25, I use 465.
Instead of routing port 465 traffic to the barracuda, I route it to our Exchange server.
I set the DNAT Policy to "Do Not NAT" and enabled logging.
All is well right? Wrong...
When I telnet to 207.67.55.x from my home on port 465 I get nothing. Connection Times out.
When I telnet to 207.67.55.x from my home on port 465 with "NAT Policy" set to "NAT", the connection works and it passes traffic just fine to my exchange server as the ip address from my home.
This will obvsiouly not allow you to send mail.
I need the traffic to be passed to our exchange server as the ip address of the Endian Firewall (10.0.0.2).
So I should just be able to turn off the DNAT Policy and set it to "Do Not Nat" but it doesn't work that way.
I have played with some system access settings and that doesn't seem to be of any help.
How can I make all traffic on port 465 leave the endian firewall as if it came from the endian firewall?
Hit me up! I'm desperate!
Thanks guys!
Logged
jbrent
Jr. Member
Offline
Posts: 3
Re: DNAT Policy Not working correctly - can someone give me a hand!?!
«
Reply #1 on:
Saturday 12 December 2009, 06:27:01 am »
Fixed...
I needed a source NAT... but I didn't know that I could leave the "source" field blank!
All is good!
YEEHA!
Logged
Pages:
[
1
]
« previous
next »
Jump to:
Please select a destination:
-----------------------------
Announcements
-----------------------------
=> Project News
=> Latest News and Updates
-----------------------------
Support
-----------------------------
=> General Support
=> Installation Support
=> EFW SMTP, HTTP, SIP, FTP Proxy Support
=> VPN Support
=> Hardware Support
-----------------------------
Development
-----------------------------
=> EFW Wishlist
=> Contribute Your Customisations & Modifications
Page created in 0.063 seconds with 19 queries.
Powered by SMF 1.1 RC2
|
SMF © 2001-2005, Lewis Media
Design by
7dana.com