02-09-2001 09:14 AM - edited 02-20-2020 09:46 PM
We are trying to install a pix 506 behind a 675 dsl
modem. One of the specifications is to allow mail
to the inside MS-exchange server. Built the static
and conduit per appendix c of the pix config guide,
But can only get outbound mail to work.
Should we use the IPCP address from the 675 as the
"outside" interface address?
We tried building the conduit with the IPCP address
as the "outside" address in the conduit command
with no luck....
02-14-2001 02:39 PM
Is this the Appendix C you were following? http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_v53/config/msexchng.htm
That is only for Exchange mail relays through the PIX. Everything on your network should gateway at the PIXs inside interface. The static will be setup between the mailservers real address and its MX record. The PIX proxy arps for that address and it must be unique and unused on the outside segment. If you are not doing NAT, use the same address twice in your static. Then, setup your conduits allowing SMTP and/or POP3. If you want to use NetBios exchange mail, you have to open a lot of conduits and its pretty insecure so Id just stick with SMTP as your Internet gateway. This link should help:
02-15-2001 10:25 AM
Correct. I have used the appendix C config before, the difference being this one is using dsl.
our last attempt had a static definition between the registered IP address for the MX record and
an un registered address on the inside. The only thing not working at this point is inbound mail.
clents can connect to the web, and mail goes out, but not in. Its off to the TAC on this. They have
looked over the Pix config and see notning wrong. Its going to be one of those intersting
Techniclal Discoveries that make you slap your head and shrug your shoulders.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide