cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1601
Views
5
Helpful
9
Replies

RV042+barracuda

arnetcs2011
Level 1
Level 1

I have been running a email/web/ftp server on one server for 9 years. I have currently acquired a Barracuda spam 300. I cant get the emails to go thru the barracuda first. Here is how it is setup:

my email and web come in thru one outside address..call it 166.5.5.5

I have a 1 to 1 nat for 166.5.5.5 to 10.0.0.2 (email/web/ftp server)

ports 25 and 53 are forwarded to the 10.0.0.4 (barracuda) then out on 25 to my 10.0.0.2

no emails go thru as long as it is set this way

I can nat the 166.5.5.5 to the barracuda first and emails go thru, but I lose my web and ftp

will this router work for me? I was told that i needed to change mx records for email to 166.5.5.6 and then forward nat on that address to the barracuda. I dont really want to change mx records for 10-12 email domains.

please help!

9 Replies 9

Te-Kai Liu
Level 7
Level 7

(I do not have experience with Barracuda.)

It sounds like you have a single server hosting email, web, and ftp in the LAN of RV042.

Normally you would forward email/web/ftp traffic to this server (10.0.0.2).

Now you want the email traffic go through a spam filter (Barracuda at 10.0.0.4) first and feed the filtered traffic to the above server.

It would appear that Barracuda should have some configration setting that allows you to specify the email server IP address (10.0.0.2) and port number (25).

rmanthey
Level 4
Level 4

Hello Leslie,

Is the 166.5.5.5 your wan1 ip address? or is this address a second public ip your ISP gave you?

What is your MX record set to? what public IP address? I assume it is the 166 address.

On the Barracuda you will need to set it up to forward the email once scanned to the internal exchange server, then on the exchange server you will need to setup a Smart Host and point it to your barracuda to scan outgoing smtp traffic.

Randy Manthey

Cisco Small Business Support Center

Universal Subject Matter Expert - Customer Support Engineer

CCNA, CCNA - Security

i have 30 statics issued from isp.    x.x.x .1-.30

.1 is my wan ip

.30 is what the mx and "a" records are set to at the various places (register.com, Godaddy)

the barracuda is set up correctly as I can nat 1to 1 the outside to the barracuda (10.0.0.4) and it works but I loose my websites and ftp.

I am having a problem setting up the rv042 to work with one nat address then forward ports 25,53 to the barracuda (10.0.0.4)

and ports needed for the webserver(80, 443),rdp(3389) and ftp(21)

any help would be appreciated

Leslie,

You will, the Router will use the one-to-one nat over the port forward.

Do you have dual wan?

If so have you looked into the SA500 platform? This device would allow for Port based one-to-one nat. So you could forward port 25 from .30 and port 443 for .1

The RV042 has some limitations on port based natting from alias addresses or other ISP addresses.

Randy Manthey

Cisco Small Business Support Center

Universal Subject Matter Expert - Customer Support Engineer

CCNA, CCNA - Security

not using dual wan on this model

So there is no way to use this model (rv042) to use a 1to1 NAT address then forward different ports to  2 different inside IP's?

1 to barracuda and 1 to the actual server

f you have two public IP addresses, one for RV042 WAN1 and the second one for Barracuda, you can forward ports 80, 443, and 21 to your web server (using Setup>Forwarding) and configure a 1-to-1 NAT rule (under Setup>1-to-1 NAT), which will direct all traffic destined to the second public IP address to Barracuda.

I have 30 static ip's from isp x.x.x.1-.30

.1 is the address for the wan issued by isp

.30 is the address that is set at register.com for "a" record and mx record for email for about 8-10 websites and email

I could change the mx records at register.com and godaddy to a different static ip  x.x.x.29 but that takes anywhere from 24-72 hours so my email and websites would be down for that period

I was just wondering if i can nat 1to1 x.x.x.30 to something (barracuda is 10.0.0.4) (server is 10.0.0.2)  (currently it goes to 10.0.0.2) and forward 53, 25 to 10.0.0.4  and 80,443,3389,21 to the server (10.0.0.2)

Leslie,

Port forwarding will only work from the WAN1 IP address.

If you setup a one-to-one nat for an internal IP lets say 10.0.0.4 it will bind that IP address to the outside IP address you assign in the one-to-one nat which will over-rid any port forward rules on the RV0xx routers.

A different router like the RV180, RV220W or SA500 series allows you to create individual port based one-to-one nat rules that can be configured independently without interfering with each others function.

The RV0XX routers was built more for Dual or multi-WAN redundancy not really for advanced NAT rules.

I would agree with tekliu that your best option with the RV042 would be to setup a second one-to-one nat with one of the other static IP's. Now I don't know your business model but if you don't have a lot of business over the weekend this would be a good time. Or one-to-one nat the WEB traffic to a different IP and that might not be as big as an impact to business as the Email.

I would recommend a different model of router that offers advance NATTING features like the RV180, RV220W or SA500 depending on your other requirements.

I hope this helps.

Randy Manthey

Cisco Small Business Support Center

Universal Subject Matter Expert - Customer Support Engineer

CCNA, CCNA - Security

OK that makes sense now.I will probably change the mx records for the emails to another ouside static and then nat 1to1 that address to barracuda.

thanks again