05-04-2010 06:41 PM - edited 03-11-2019 10:41 AM
I have 1 external IP address that is used for incomming mail. That address is pointed via static to my Barracuda web filter. My xchange server falls under the standard dynamic nat policy. One some domains I have been getting NDR bounce backs because the source IP address does not mach my MX record address (reverse dns).
IE..
123.123.123.123 is the external IP address for my internal host 172.16.1.1 (my barracuda)
123.123.123.223 is the external IP address for my internal dynamic nat. (so all other hosts appear under this address, which includes my exchage server).
Is it possible to mask / fake so that my exchange server appears to have the same external address as my barracuda to prevent these NDR reverse dns issues? However I do not want anything that goes to 123.123.123.123 to go directly to the exchange server.
05-05-2010 07:02 AM
Hi,
I assume that we have the following configuration:
static (inside,outside) 123.123.123.123 172.16.1.1
global (outside) 1 123.123.123.223
nat (inside) 1 0 0
Try the following:
no static (inside,outside) 123.123.123.123 172.16.1.1
static (inside,outside) tcp 123.123.123.123 25 172.16.1.1 25
no global (outside) 1 123.123.123.223
global (outside) 1 123.123.123.123
clear xlate
clear local
Let me know if that resolves the issue.
HTH
Ashu.
05-05-2010 08:13 PM
You should not do that as if the exchange server gets hit with a virus or mass mailing bot you will get on the SPAM list and could have issues with the server. You should point your exchange server at the Barracuda as an SMTP smarthost and have it scan outbound.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide