I am attempting to configure a PIX 520 to support connections from a low security zone to high security zone inbound to a exchange server from outlook.
I am using the NAT 0 options and have the no problem pinging, hitting the web interface on the same box, or using an IMAP client. I understand that exchange is pretty unique in its use of prots and i have configure dthe
establishes tcp 135 permitto tcp 1024-65535 option but i am drawing a blank. Connectivity still fails. Any suggestions whould be great. Thanks a bunch
Then, obviously, setup a static mapping from the high security interface to the low security interface for the Exchange server.
Setup ACLs for port 135, and the two ports you assign via the registry per the above link
Finally, and this is very important, make sure your clients have a means for resolving the Exchange servers host name to an ip address. With Outlook, even if you first enter the IP address into the configuration it automatically converts this to the Hostname upon first connection. You can either use lmhosts files, hosts files, or make sure your mail server has a DNS entry in your clients dns server and the client is properly configured for appending the domain suffix to DNS queries for your domain.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...