We have a customer using an Ironport C170 Email firewall device. It seems the Ironport proxies Email traffic to the configured MTA using its own source IP instead of the client IP address. This is causing an issue for our customer as they need to be able to filter and do some post processing based on source IP. I am totally unfamiliar with the Ironport series as we do not use them here and searches do not reveal a way to have the Ironport preserve the source address. Could anyone more familiar with this device enlighten me on if source preservation is possible with this. Seems to be a true proxy device so I am not sure there is a way but thought I would throw it to the experts to be sure. Thanks in advance for replies.
As soon as the ESA recieves the traffic from the email server will be processed and then it will be send using its interface IP address. What is the source IP address that should be preserved? What device owns it?
"If you need PDI (Planning, Design, Implement) assistance feel free to reach us"
Thanks for the reply. I should have been more clear. So for connections inbound from Internet clients, it seems the source IP is that of the C170 from the perspective of the Email server. Connection path would look like this:
For these connections, when the connection goes from the C170 to the Email server, the source IP is changed from that of the client, to that of the C170 because I believe the connection is actually being proxied. I would like to know if there is some configuration that would allow the source IP (in this case the clients source IP) to be preserved when the connection is sent to the Email server. Some sort of transparent proxy option perhaps? I really do not know anything about this C170 device, but things I read do not seem to indicate there is a way to do this. Just trying to see if anyone can confirm. Thanks.
Anyone......I have a hard time believing this has never come up before. I know the Barracuda devices can do this somehow. Again, I am not at all familiar with Ironport gear so I am at a disadvantage here. Any help would be great. Thanks.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...