Discussion:
How do I publish the SMTP port to one server and the POP port to another server using the same defined external IP address?
(too old to reply)
Aaron
2004-11-29 05:25:13 UTC
Permalink
We have just installed a Barracuda Networks Anti-Spam appliance and
are having issues configuring it with
Checkpoint Firewall 1-NG . Heres the email that our network consultant
sent to me to post here.

The Checkpoint Firewall has a host defined as x.y.z.a. It has a FQDN
associated with it.

I have published ports 25,110,3000 and 3389 on that address to forward
those protocols to an internal server at 192.168.1.100.

If I now want to split SMTP out and send it to another internal server
it seems that the rule defined to do so negates delivery of 110,3000
and 3389 to the original server.

I use a STATIC NAT on each of the hosts.

Eg

SOURCE DESTINATION SERVICE ACTION
Any SpamServer SMTP Allow
Any Mailserver SMTP Allow
POP
RDP
Custom_3000

Both Hosts Spamserver and Mailserver have the same NAT translation to
the published IP Address
For example 211.211.210.10

The first rulle seems to negate the effects of the second rule.

How do I publish the SMTP port to one server and the POP port to
another server using the same defined external IP address?
Don Wright
2004-12-01 18:22:23 UTC
Permalink
Post by Aaron
We have just installed a Barracuda Networks Anti-Spam appliance and
are having issues configuring it with
Checkpoint Firewall 1-NG . Heres the email that our network consultant
sent to me to post here.
The Checkpoint Firewall has a host defined as x.y.z.a. It has a FQDN
associated with it.
I have published ports 25,110,3000 and 3389 on that address to forward
those protocols to an internal server at 192.168.1.100.
If I now want to split SMTP out and send it to another internal server
it seems that the rule defined to do so negates delivery of 110,3000
and 3389 to the original server.
I use a STATIC NAT on each of the hosts.
Eg
SOURCE DESTINATION SERVICE ACTION
Any SpamServer SMTP Allow
Any Mailserver SMTP Allow
POP
RDP
Custom_3000
Both Hosts Spamserver and Mailserver have the same NAT translation to
the published IP Address
For example 211.211.210.10
The first rulle seems to negate the effects of the second rule.
How do I publish the SMTP port to one server and the POP port to
another server using the same defined external IP address?
You'd have to use Port translation with both internal hosts NAT-ted
behinfd the firewall address and manual NAT rules. Its described in the
User Guuide or Admin Guide.

Loading...