Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations IamaSherpa on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Setting up a Linux Firewall

Status
Not open for further replies.
ilpadrino

ilpadrino

MIS
Feb 14, 2001
416
US
I am trying to add a linux firewall to a company's network
Here's my situation... Internet --> CISCO Router --> Linux Firewall --> Private LAN. On the private LAN behind the firewall, I have an exchange server. I changed the exchange server's old IP to a private IP. The linux box uses another public IP address.

I can browse the internet thru the proxy. I can send and receive email internally. I can send email to the outside world. But I cannot receive email from the outside world.

I use ipchains and ipmasqadm on the linux box that is supposed to forward email on port 25 to the private IP of the exchange server. It is a basic setup based on all the documentation I've read, but I can't get the outside email to the exchange server. Is it possible that I need to change the linux server's IP to the old public IP that the exchange server used to have? Since this is the IP that the ISP recognizes for email?

Thanks for any suggestions.
 
Sort by date Sort by votes
Who ever is authoratative for your DNS (most likely your ISP) needs to change the MX record to the new IP address of the Linux Firewall.

Or, yes, you could go back to the old IP address (just wanted to explain why it wasn't working...)

Hope this helps,
Paul
 
Upvote 0 Downvote
Hi,

You should make an MX record in your DNS with the Internet IP address of your Firewall. This will fool the external world into believing that your Firewall is the mail server and send mails to it. Then your Firewall will redirect the mails to your actual mail server which is inside the Firewall with an invalid IP. So it is a bad idea to bring your Exchange server out on the Internet, exposing it to threats of hacking. You can also change the External IP address of your Firewall to the old Exchange server's Internet IP.

-sgupte.
 
Upvote 0 Downvote
Dear sir

I want to setup the mxrecords in linux server well i have ftp for that but i needed to setup the record how will i.
how can it be done is there any directory needed to make the changes
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

SamBones
  • Locked
  • Question
How Do I Start/Stop Systemd Services as a non-root User?
Replies
2
Views
644
gbaughma
gbaughma
kristiandg
  • Locked
  • Question
Linux, "port mirror" between two boxes...
Replies
0
Views
222
kristiandg
kristiandg
Phi_1.618
  • Locked
  • Question
Linux server
Replies
2
Views
280
SamBones
SamBones
bhuv560
  • Locked
  • Question
Postfix Installation on EC2 AWS Linux
Replies
0
Views
142
bhuv560
bhuv560
SamBones
  • Locked
  • Question
Linux 7 Installation Failures 1
Replies
3
Views
203
SamBones
SamBones

Part and Inventory Search

Sponsor

Back
Top