IP-configuration 1

[arnaudvdv]

We are switching from a dial-up connection to a SDSL connection. At this moment an ISDN-adapter is in the mailserver with the ip-adress of our e-maildomain. In the new configuration there will be a Cisco 78 SOHO DSL-router in the network en after the router there will be a Firebox 700. The question is: where do I put the IP-adress of my e-maildomain and how do I get the e-mail to go to the mail-server (with a private IP-address) in the trusted zone. What kind of IP-adressses do I have to use on the LAN-side of the router and on the External side of the firebox. Can it be private adresses (according to the LAN subnet) or do they have to be public IP-adresses.
Thanx in advance,
Arnaud

 

[Ntr0P]

Depending on how many IP addresses you have, there are a couple options. First make sure that the Cisco device is not running NAT.

You should give the External interface a public IP. Depending on your IP pool, this can be the same IP as your email server or not.

You can place the email server on either the Trusted or Optional interface (optional is typically preferred). If you used the same IP on the external interface as that of your email server, you can use NAT port forwarding to the private IP of your email server.

If your external interface IP is different from your email server's IP, you can use 1-to-1 NAT and maintain a private IP on your email server, or you can disable NAT for SMTP and/or POP3 (or whatever else you might be using) and give your server a public IP on the Optional interface.

Ntr0P

 

[arnaudvdv]

I have 5 Ip-adresses in the same pool, so that would be 1 on the router and one on the external interface of the firebox 700. The mailserver has to be on the trusted site because it also is a PDC. This will keep its private IP-adress.

Thanx NtrOP .