PIX & Juniper Problem

a.hajhamad · ‎07-08-2007

Hi,

I have Cisco PIX firewall UR & FO with OS 7.2(2), and this PIX has one DMZ zone for Connecting the Public IF for the VPN Concentrator, the outside interface is connected to the outside network "Internet Router", the Inside IF is connected to Net Screen FW 20

PIX INSIDE has the same subnet with Net Screen untrust

The NS has one DMZ for connecting the private IF for the VPN Concentrator, and the second DMZ for connecting SMTP Server "Front".

The trust IF for the NS is connected to the Core siwtches "6509", the Exchange Server is connected to the core switches.

Everything works fine, we can send and receive mails.

The customer needs to move the front server from the NS DMZ to a new DMZ at the PIX.

After we moved the front server to the PIX DMZ, we can receive mails normally, but the problem is when sending mails - failed.

Everything is permitted at the NS trust interface, and the same thing done at the PIX inside.

No routing or natting problems, i think it is SMTP errors

ESMTP inspection is done at the PIX.

Any help?

Thanks in advance

Abd Alqader

bstremp · ‎07-16-2007

When a PIX Firewall is configured initially, it has a default security policy where everyone on the inside can get out, and nobody from the outside can get in. If your site requires a different security policy, you can allow outside users to connect to your web server through the PIX.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a008009402f.shtml