Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] how to config FW for exchange?

To: [email protected]
Subject: Re: [FW-1] how to config FW for exchange?
From: MATT GUILFOIL <[email protected]>
Date: Wed, 14 Nov 2001 09:22:05 -0600
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

Assuming the following:

a) MAIL (FW object) using NAT for external address, not located on a DMZ segment
b) No internal (private) DNS services
c) Exchange server's netbios name is something other than MAIL

The simplest solution I know is to force clients to resolve MAIL to 192.168.0.30 rather than resorting to adding additional rules to allow internal clients access to the NATted address. You can do this either by providing internal DNS services or adding an entry to the HOSTS file on the client machines.

In my experience, I have never seen the wisdom of directing internal hosts to an external NATted address. The only exception would be where it is necessary to enforce a policy that could only be handled by the firewall.

Regards,
Matt

>>> Wat King <[email protected]> 11/13/01 09:53PM >>>
Dear all:

I have config as follow:

MAIL (192.168.0.30) Mapped (X.X.X.30)
SERVER--------------(192.168.0.254) FW-1(4.1) (X.X X.254) -Router-Internet
                                    |
LAN Clients              |
(192.168.0.0/24)----|
Which use FW1 as gateway and we have a valid class C

Policy:
Any > MAIL > SMTP/POP3 > Accept

Problem is:
Client (Outlook Express) using MAIL(valid address) cannot send mail
using NetBIOS name (MAIL) / 192.168.0.30, then OK.
Can anyone help? because lastly we config every client using MAIL (Valid)
and it placed outside FW
P.S.  1. The other client outside (any other at internet) had no problem
when sending and receiving mail
          2. Telnet MAIL(Valid) 25 (client behind FW) host not found,
               Telnet 192.168.0.30 25 ok!

Regards,
A true novice, Wat.

===============================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
===============================================

===============================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
===============================================

Prev by Date: Re: [FW-1] logswitch: cannot connect to fw daemon
Next by Date: Re: [FW-1] MAIL and LINUX
Previous by thread: [FW-1] how to config FW for exchange?
Next by thread: Re: [FW-1] Problem setting up securemote connection to FW-1 SP3 (encrypt ion failure: No peer gateway found f or the destination scheme:
Index(es):
- Date
- Thread