Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

set up for exchange

Status
Not open for further replies.
mjpolito

mjpolito

MIS
Nov 8, 2003
23
US
I need to setup an exchng srvr inside my lan, for testing.

I have a domain name registered. The same company that registered the domain name is hosting my email (register.com).

I also have a pix firewall (501), and an exchng srvr (running 2000 or 2003).

I can get a cisco router with as many interfaces as I need. Plus I can get as many static ip's as required from my isp (optonline.net - long island).

I need some advice on how to set this up, not the exchng software, but the layer 3 stuff.

Do I need just 1 static ip for the server, or do I need 2 static ip's - 1 for server & one for pix?

Do I need to get a router with 3 interfaces, outside, dmz & inside, & put exchngsrvr in the dmz?

I'm assuming at a certain point I need to tell register.com that I am now administering the email service?

I'm assuming I also need to setup an A record & an MX record in DNS, right?

Do I contact optonline.net (my isp at the office here) or do I contact register.com (who registered my domain name & who currently hosts my email service)??

What ports need to be opened on the firewall? Is there a Cisco TAC article on this?

Mike
 
Sort by date Sort by votes
Mike,

The first point I would make here is that the PIX 501 is not ideal for this application, It only supports an inside and an outside network. Ideally to support a mail server you should have a PIX with a DMZ port as well, a minimum of 3 interfaces.

You will need at least 3 static IP addresses, 1 for PIX outside, one for the external address of the mail server and one for the Ethernet port on the ISP facing router.

With the PIX 501 the only option you have regarding placement of the server is on the inside network, but that means if its compromised then an attacker is into your secure network.

You will need the MX record changing to get email sent to the external static address of the mail server, it will probably need tranferring to your ISP, although it may be worth discussing this with your current email provider.

The static translation will use TCP port 25 to allow smtp in, I would also recommend disabling the comand `fixup protocol smtp 25' as this can cause problems with email.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sparrow4
  • Locked
  • Question
Configure Avaya IPO R11 / VM Pro + Office365 or Exchange for voicemail to email
Replies
2
Views
655
Johnkite
Johnkite
XLNTech1
  • Locked
  • Question
iptables port forwarding
Replies
0
Views
590
XLNTech1
XLNTech1
Shmid
  • Locked
  • Question
Restricting Sonicwall SSL-VPN users for WAN access
Replies
7
Views
799
Shmid
Shmid
WhosYourDiffie
  • Locked
  • Question
Cisco ASA 5506 VPN for Avaya Phones
Replies
0
Views
181
WhosYourDiffie
WhosYourDiffie
acabezas2014
  • Locked
  • Question
Configuring ASA for Network Segmentation
Replies
1
Views
286
acabezas2014
acabezas2014

Part and Inventory Search

Sponsor

Back
Top