Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1122
Views
0
Helpful
1
Replies

IronPort as backend firewall

rahat.siddiq
Level 1
Level 1

‎10-07-2013 01:56 PM

Hi All,

I have deployment of IronPort in which I am putting IronPort behind WatchGuard.

I am only using single interface with Relaylist in HAT and added exchange server IP in relay

So from outside the mail first hit WatchGuard and Then will hit Firewall and then will hit to IronPort

Outside User ==> WatchGuard ==>> Firewall ==>>> IronPort ==>> Exchange

My incoming mai is working fine and user are able to recieved email from outside

From internal to external the email first hit Ironport and then to firewall and then to WatchGuard and outside

Exchange ==>> IronPort ==>> Firewall ==>> WatchGuard ==>> Outside

In Ironport I can see in message tracking that message is receving and Relay list and filter and sent for delivery.

When we start sending mail from ironport it was working for some time but later stop working then we check header of earlier recived email and found out that the email are directly sending via Firewall and not sending via WatchGuard.

Now I wanted to know How I can Force IronPort to send mail to WatchGuard or Do I have to change something on Firewall e.g NAT

Regards,

Labels:
0 Helpful
1 Reply 1

Enrico Werner
Cisco Employee
Cisco Employee

‎10-14-2013 05:07 AM

Hi,

you can create a message or content filter and route all outbound messages originating from the Exchange to WatchGuard.

localRedirectFilter:

if(remote-ip == '1.2.3.4')

{

alt-mailhost('5.6.7.8');

}

Note that any additional routing information specified by the smtproutes command still affects the routing of the message. Verify  "Network > SMTP Routes".

Regards,

Enrico

0 Helpful
Customers Also Viewed These Support Documents