2 Pix firewall related problems

Status
Not open for further replies.

neomodo

IS-IT--Management
Feb 1, 2002
Hello, I have 2 problems with a PIX firewall.

DETAILS:

Pix firewall version 6.3

The firewall has 4 interfaces => Outside - Inside - Int2 - Int3

There are separate networks connected to each of the internal interfaces (3 separate small companies)

=> Inside = Company1 = 192.168.5.0/24 | Int2 = Company2 = 192.168.0.0/24 | Int3 = Company3 = 192.168.3.0/24
=> Security: Inside=100, Int2=70, Int3=60

=> I have configured VPN access and it works to connect to Company1 network which is all I need to do.

=> Each company has their own internal Email server ( Company1 =Exchange 2003 | Company2 = Exchange 2003 | Company 3 = Lotus Notes)

=> Each has public DNS /MX records (mail.company1.com | mail.company2.com | mail.company3.com)

=> Internal DNS resolves mail properly for internal clients on all networks.

=> Mail flow to and from the Internet works fine for every company.

=> Each company also has a few additional internal hosts with static mappings to Public IP addresses / NAT /etc... all of this works properly.

=> There are no filters or restrictions specified for outbound traffic so other than global parameters everything should be fine.

---------------
Problem 1:
---------------
I am unable to send email to and from each network to any other one of these internal networks. * As mentioned above, mail works perfectly to and from the outside world.

example:
1). User on Company1 network can't send or receive mail to and from user@company2.com or user@company3.com networks. This is mostly consistent across the board - user@company2.com can't send or receive to and from user@company1.com or user@company3.com and so on.

Q: What needs to happen for email flow to be possible across these networks?

--------------
Problem 2:
--------------

Company 2 user on Int2 network cannot connect to an external Windows based VPN network and use RDC.

** note ** - User can successfully accomplish this from home network without a problem. Home network is standard issue SBC type with dynamic address and some type of basic home DSL router / firewall / modem combination.

Therefore this probably has something to do with the Pix and I am guessing that the Microsoft VPN network is unable to allow access to client because of how it is receiving the information. It refuses to create the tunnel connection for the internal host.

Q. Is there something specific that needs to be set up on the PIX to allow a VPN connection to an external Windows based VPN?

Thank you in advance.
 