Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

How to direct SMTP traffic to Exchange Server with 2 NICs behind a Rou

Status
Not open for further replies.
saintpi

saintpi

IS-IT--Management
May 21, 2003
22
NG
I need to create access to a new Exchange Server. The server has 2 network cards (NICs). One with internal IP and the other with a public IP. My network is as follows:- Internet <--> Cisco Router <--> PIX 515E <--> Switch --> LAN. The Router has a public IP on the outside interface and a private IP on the inside. The PIX has private IPs on both interfaces on different subnets.
The router and the pix both have only 2 interface ports. I cannot create a DMZ on a separate interface.
How do I safely connect the Exchange Server to the network? Do I physically connect the cables from both NICs to the LAN? Or do I have to install a switch between the Router and the PIX and then connect the Public NIC to the switch? How do I route traffic through the Router and the PIX to the Mail Server? Thanks.
 
Sort by date Sort by votes
why does your exchange server need a public ip attached to a NIC??

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)
 
Upvote 0 Downvote
Sounds like you need to set up an access list and a static translation to allow port 25 through your pix to your Exchange server.

For the static translation, something similar to this should work:

static (inside,outside) tcp interface smtp <insiert-exchange-IP-here> smtp netmask 255.255.255.255

For the access lists, something like this should work:

access-list outside_in permit tcp any interface outside eq smtp

You should NOT try to plug your exchange server in with two NICs, one inside the network and one out. That would completely defeat the purpose of your firewall. Only use the NIC currently configured with an internal IP.

 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sameer258
  • Locked
  • Question
Need Help to Find ip and mac address with email who one open my email
Replies
0
Views
670
Sameer258
Sameer258
Sparrow4
  • Locked
  • Question
Configure Avaya IPO R11 / VM Pro + Office365 or Exchange for voicemail to email
Replies
2
Views
585
Johnkite
Johnkite
Tommy_T
  • Locked
  • Question
Sonic wall - Have an issue remotely connectioning VNC and SMB (and AFP) to one of the 2 ISP circuits
Replies
1
Views
513
nnaarrnn
nnaarrnn
Russtoleum
  • Locked
  • Question
SW GVC won't route traffic through sonicwall to offsite tunnel unless it leases an ip on the same su
Replies
1
Views
165
Russtoleum
Russtoleum
ISDPCMAN
  • Locked
  • Question
Cannot connect to TZ-215 Sonicwall appliance with web browser!
Replies
0
Views
145
ISDPCMAN
ISDPCMAN

Part and Inventory Search

Sponsor

Back
Top