They were considering switching however there is one feature that is a must.
One feature they are using is called DNS rewrite.
Microsoft has a mail server and mail comes in as @microsoft.com. With the rewrite microsoft could also have an MX record for a misspelling like @mcrosoft.com. Now instead of 10,000 users having two mail addresses the Check Point firewall will rewrite the domain as @microsoft.com.
Does the PIX have a similar funtionality? Is that the DNS rewrite? If so does anyone have any information?
A search on Cisco.com doesn't bring up much for "DNS rewrite"
Iam afraid this is not supported. You will need a work-around. I suggest working with DNS/MAIL admin to have all misspelled domains configured with same MX record in DNS. (this probably already done) And creating domain aliases on the MAIL server to the real domain "microsoft.com". It would be less CPU intensive if you go with aliases rather than rewriting every SMTP with new domain on a firewalls.
Thank you but they won't go that way. One deciding factor when they purchased the Check Point Firewall was this feature. It really has no impact on the CPU of the Firewall to have the rewrites. The misspelling is few and far between, however it is necessary and they have no desire to add the aliases when there is an easy solution.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...