A NAT'ed SYN/ACK Reveals Internal IP Address through PIX
We are trying to configure an internal firewall to handle SMTP requests from a Windows 2003 web application server through the PIX outside interface (using a NAT) to a Red Hat Linux ES mail server. Using sniffer traces, we have found that the Windows web app receives a SYN/ACK from the mail server that shows the real address of the mail server instead of the NAT'ed address, and the web app discards the mail server's responses because it thinks the source is wrong. We tested the same machines through the PIX with a different protocol (SSH instead) and see the same behavior. Additionally, we tested SSH from Windows to Windows and it works as it should. It's possible that it's a Linux issue, but our Linux guys tell us it's the PIX. Attached is a diagram to illustrate the environment. Any ideas?
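The check behind the symptom described in the post, written as an added example (it is not code from the thread or from Cisco): pair each outbound SYN in a sniffer trace with the SYN/ACK that answers it and compare the reply's source address with the address the client actually connected to. A TCP stack matches incoming segments on the full four-tuple, so a SYN/ACK that comes back from the server's real address rather than the NAT'ed address never matches the client's half-open socket and is discarded, which is exactly what the poster sees. The trace lines, the addresses (the NAT'ed address 203.0.113.25, the real address 10.10.20.25, the client 192.0.2.10, a Windows SSH host 203.0.113.30) and the tcpdump-style line format are all constructed for the example; the original post names none of them.

```python
"""Correlate SYNs with SYN/ACKs in a tcpdump-style trace and flag
replies whose source is not the address the client connected to.

Added example for the PIX SMTP/SSH question; all addresses below are
constructed, not taken from the original post.
"""
import re
from dataclasses import dataclass

# Hypothetical addresses used only to build the sample trace.
CLIENT = "192.0.2.10"        # Windows 2003 web application server
NAT_ADDR = "203.0.113.25"    # NAT'ed address of the Linux mail server
REAL_ADDR = "10.10.20.25"    # real (inside) address of the mail server
WIN_SSH = "203.0.113.30"     # Windows SSH host used as the working control

# Constructed sniffer trace in tcpdump output format.  Case 1 (SMTP)
# reproduces the reported symptom: the SYN/ACK arrives from the real
# address.  Case 2 (SSH, Windows to Windows) is the case that works.
SAMPLE_TRACE = [
    f"IP {CLIENT}.51000 > {NAT_ADDR}.25: Flags [S], seq 1000, win 64240, length 0",
    f"IP {REAL_ADDR}.25 > {CLIENT}.51000: Flags [S.], seq 5000, ack 1001, win 5840, length 0",
    f"IP {CLIENT}.51001 > {WIN_SSH}.22: Flags [S], seq 2000, win 64240, length 0",
    f"IP {WIN_SSH}.22 > {CLIENT}.51001: Flags [S.], seq 7000, ack 2001, win 65535, length 0",
]

# "a.b.c.d.port > a.b.c.d.port: Flags [X]" as printed by tcpdump.
LINE_RE = re.compile(
    r"(?P<src>[\d.]+)\.(?P<sport>\d+) > (?P<dst>[\d.]+)\.(?P<dport>\d+): Flags \[(?P<flags>[^\]]+)\]"
)


@dataclass(frozen=True)
class Segment:
    src: str
    sport: int
    dst: str
    dport: int
    flags: str  # tcpdump flag string: "S" = SYN, "S." = SYN/ACK


def parse_trace(lines):
    """Parse tcpdump-style lines into Segment objects, skipping noise."""
    segments = []
    for line in lines:
        m = LINE_RE.search(line)
        if m:
            segments.append(Segment(m["src"], int(m["sport"]),
                                    m["dst"], int(m["dport"]), m["flags"]))
    return segments


def correlate(segments):
    """Pair each SYN/ACK with the SYN it answers.

    Returns a list of (syn, synack, ok) where ok is True only when the
    SYN/ACK's source is the address and port the client connected to,
    i.e. the reply would match the client's socket four-tuple.
    """
    # Index outbound SYNs by the half of the tuple the reply must mirror:
    # (client address, client port, server port).
    syns = {(s.src, s.sport, s.dport): s for s in segments if s.flags == "S"}
    pairs = []
    for s in segments:
        if s.flags != "S.":
            continue
        syn = syns.get((s.dst, s.dport, s.sport))
        if syn is None:
            continue  # SYN/ACK with no SYN in the trace; not our concern here
        ok = (s.src == syn.dst) and (s.sport == syn.dport)
        pairs.append((syn, s, ok))
    return pairs


def analyze(trace_lines):
    """Summarize each connection attempt found in the trace."""
    return [
        {
            "client_port": syn.sport,
            "connected_to": f"{syn.dst}:{syn.dport}",
            "reply_from": f"{sa.src}:{sa.sport}",
            "ok": ok,
        }
        for syn, sa, ok in correlate(parse_trace(trace_lines))
    ]


if __name__ == "__main__":
    for r in analyze(SAMPLE_TRACE):
        verdict = "matches socket" if r["ok"] else "DISCARDED: reply source differs from NAT'ed destination"
        print(f"port {r['client_port']}: SYN to {r['connected_to']}, "
              f"SYN/ACK from {r['reply_from']} -> {verdict}")
```

Run against a real capture, the interesting question is not only that the mismatch exists but where it is visible: a trace taken on the PIX inside interface versus one taken on the client shows whether the translation is simply not being applied to the return traffic or whether the reply is reaching the client by a path that bypasses the PIX altogether. The script only confirms the four-tuple mismatch; it does not decide between those two explanations.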