Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2305
Views
0
Helpful
2
Replies

DSL & Pix configuration issue

millerv
Level 1
Level 1

‎02-09-2001 09:14 AM - edited ‎02-20-2020 09:46 PM

We are trying to install a pix 506 behind a 675 dsl

modem. One of the specifications is to allow mail

to the inside MS-exchange server. Built the static

and conduit per appendix c of the pix config guide,

But can only get outbound mail to work.

Should we use the IPCP address from the 675 as the

"outside" interface address?

We tried building the conduit with the IPCP address

as the "outside" address in the conduit command

with no luck....

0 Helpful
2 Replies 2

s-doyle
Level 3
Level 3

‎02-14-2001 02:39 PM

Is this the Appendix C you were following? http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_v53/config/msexchng.htm

That is only for Exchange mail relay’s through the PIX. Everything on your network should gateway at the PIX’s inside interface. The static will be setup between the mailserver’s real address and it’s MX record. The PIX proxy arps for that address and it must be unique and unused on the outside segment. If you are not doing NAT, use the same address twice in your static. Then, setup your conduits allowing SMTP and/or POP3. If you want to use NetBios exchange mail, you have to open a lot of conduits and it’s pretty insecure so I’d just stick with SMTP as your Internet gateway. This link should help:

http://www.cisco.com/warp/customer/707/28.html

0 Helpful

millerv
Level 1
Level 1
In response to s-doyle

‎02-15-2001 10:25 AM

Correct. I have used the appendix C config before, the difference being this one is using dsl.

our last attempt had a static definition between the registered IP address for the MX record and

an un registered address on the inside. The only thing not working at this point is inbound mail.

clents can connect to the web, and mail goes out, but not in. Its off to the TAC on this. They have

looked over the Pix config and see notning wrong. Its going to be one of those intersting

Techniclal Discoveries that make you slap your head and shrug your shoulders.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card