Hi Security team,
Its very strange to say that microsoft outlook is not function because of firewall. Hopefully it should not !! but what happens is - mails are not getting downloaded or sent via outlook express from Local Lan. With the same outlook configuration and when Datacard is being used, it works perfectly.
Attaching the error message and firewall configuration
NB-Public ips configured are not the real ips ..
webmail is working from the local lan& only outlook is not !!!
Pls help !!
mail server is outside the firewall (not in this network), its a public server. clients are from Inside (192.168.4.0)
The mail server is not in DMZ/Inside. Its a public mail server which is located outside the network.
We can skip thinking of DMZ in this scenario..
So are you using MS Exchange ports or SMTP/POP3? If Exchange, could ISP be blocking ports? What's the "Datacard" and why does this work when using it? Could you setup VPN with mail server/mail server's network?
I have resolved the problem by myself...
I have connected the laptop directly to the modem with the ip address as that of firewall public ip. Then i was able to access mails thru outlook..
This means it needs a public ip..
So, I did a PAT for the entire Local Lan segment. Now outlook is working fine without any problem.
New problem is that, for machines configured as DHCP are not able to receive mails. where are those with static does not have any problem.
Earlier i had configured PAT only for Proxy servers, because, client should access internet thru only proxy.
Anyways my problem is resolved.
Maybe this session will helpful for others...
Thanks to All who participated in this session...
Well OWA would use the proxy server as it is accessed through the web browse, the Outlook client does not use the proxy server (at least by default). You could setup RPC over HTTPS if you want to use the proxy.
DHCP clients will also work, your current NAT statements only allow NAT/PAT for one IP:
access-list 128 extended permit ip host 192.168.4.250 any
Now it is
access-list 128 extended permit ip 192.168.4.0 255.255.255.0 any
But still dhcp configured machines are not receiving the mails properly..
once made to static, it works....