Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1947
Views
0
Helpful
5
Replies

MSExchange+Proxy server on the inside of PIX 515

s-ariga
Level 1
Level 1

‎07-27-2001 03:13 AM - edited ‎02-20-2020 09:49 PM

We have msexchange and a proxy server.The server has one NIC connected to the internet with a valid address .proxy client is installed on the xchnage server which receives/sends mails via the proxy server .Our Mx record is pointing to the proxy.

I have installed a pix 515 and put the exchange and the proxy server on the inside.Our proxy is running www as well.

There seems to some problem with sending and recieing mails ,The proxy too doesnt speak to internet.I have put static nat only for the proxy address and using PAT for rest of the clients on the 515 as we have shortage of ip addreses.

What am I missing any clues ?

Thks in advance

Shiva

0 Helpful
5 Replies 5

mscaggs
Level 1
Level 1

‎07-27-2001 12:15 PM

Sounds like you need to create your conduits or access-list depending on what you prefer. Of course port 25, 80.

Mike

0 Helpful

s-ariga
Level 1
Level 1
In response to mscaggs

‎07-27-2001 09:24 PM

I have opened port 25 and 80 on the firewall.

There is some other issue

sp

0 Helpful

farhan.ahmed
Level 1
Level 1
In response to s-ariga

‎07-28-2001 01:52 PM

seems like u didnt setup conduit perfectly ,yr proxy server must browse the web ,since u were using msexchange behind proxy if u didnt setitup yourself u need to know that there is some ini files pointing to proxy server on exchange so u need to remove them and make a conduit for exchange

static (inside,outside) 212.42.143.226 172.16.1.3 netmask 255.255.255.255

conduit permit tcp host 212.42.143.227 eq smtp any

0 Helpful

a.giorgi
Level 1
Level 1

‎08-01-2001 04:53 PM

What version do you have.

If is 6.01 there are a bug with the Mailguard feature. If you try to make a telnet to port 25 you'll get ************

Try configuring

no fixup protocol smpt

Hope it help.

0 Helpful

kit
Level 1
Level 1
In response to a.giorgi

‎09-17-2001 10:30 AM

When you configure proxy and have an internal mail server you bind the tcp port 25 to the external interface on the proxy. The ini files reflect that. Unbind the mail ports in the ini files, restart exchange services and setup a conduit on the PIX. Do you have dynamic packet filtering setup on the Proxy? Please ensure that tcp port 80 outbound from dynamic port inside is open, and the smtp port 25 is open on the proxy. I hope it helps!

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card