11-05-2011 05:20 AM - edited 03-11-2019 02:46 PM
Hi All,
I have queries regarding network topology when baracuda and smtp server are deployed in the network.
exchange server------(2.1)-ROUTER(3.1)---------(3.2)BARACUDA(4.1)-------4.2)ASA(200.1.1.1)------OUTSIDE
(192.168.2.10) (192.168.4.1)
static (inside, outside ) tcp interface smtp 192.168.4.1 smtp netmask 255.255.255.255
nat (inside) 1 192.168.2.0 255.255.255.0
global (inside) 1 interface
access-list outin extended permit tcp any host 200.1.1.1 eq smtp
192.168.4.1 is baracuda ip and 192.168.2.10 is exchange server ip.
My query is, if baracuda is smtp gateway for exchange server and ASA is default gateway for exchange server, is this configuration correct ?
Second query is that its seen cutomers configure that mails from outside come to baracuda but when mails go to outside it bypass baracuda. So do we have to some configuration changes or is it these servers setting.
Third query is in which cases baracuda server being smtp gateway is located at outside of ASA and what changes will be in the configuation in that case
Any help would be appreciated.
Thanks in advance.
Solved! Go to Solution.
11-06-2011 06:44 AM
Barracuda can be the smtp gateway but exchange server gateway can be the internal router as long as the router knows how to forward traffic to outside through barracuda.
You can configure it as you like but if one want to barracuda to send mails outside then you would have to configure exchange server with relay host configuration.
Practically it is not a good practice to put barracuda outside ASA as barracuda is a smtp gateway not a perimeter security devices which can filter traffic based on rules and allow and block.
HTH
Sent from Cisco Technical Support iPad App
11-06-2011 10:15 AM
static (inside,outside) tcp (public ip-address) 25 (internal server ip-address) 25 netmask 255.255.255.255
Access-list out-in extended permit tcp host any (public ip-address used above) eq 25
Access-group out-in in interface outside
Sent from Cisco Technical Support iPad App
11-06-2011 06:44 AM
Barracuda can be the smtp gateway but exchange server gateway can be the internal router as long as the router knows how to forward traffic to outside through barracuda.
You can configure it as you like but if one want to barracuda to send mails outside then you would have to configure exchange server with relay host configuration.
Practically it is not a good practice to put barracuda outside ASA as barracuda is a smtp gateway not a perimeter security devices which can filter traffic based on rules and allow and block.
HTH
Sent from Cisco Technical Support iPad App
11-06-2011 06:58 AM
Thanks for your reply.
One more question, is the configuration above correct for the inbound and outbound flow of mails?
11-06-2011 10:15 AM
static (inside,outside) tcp (public ip-address) 25 (internal server ip-address) 25 netmask 255.255.255.255
Access-list out-in extended permit tcp host any (public ip-address used above) eq 25
Access-group out-in in interface outside
Sent from Cisco Technical Support iPad App
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: