Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

MSExchange+Proxy server on the inside of PIX 515

We have msexchange and a proxy server.The server has one NIC connected to the internet with a valid address .proxy client is installed on the xchnage server which receives/sends mails via the proxy server .Our Mx record is pointing to the proxy.

I have installed a pix 515 and put the exchange and the proxy server on the inside.Our proxy is running www as well.

There seems to some problem with sending and recieing mails ,The proxy too doesnt speak to internet.I have put static nat only for the proxy address and using PAT for rest of the clients on the 515 as we have shortage of ip addreses.

What am I missing any clues ?

Thks in advance

Shiva

5 REPLIES
New Member

Re: MSExchange+Proxy server on the inside of PIX 515

Sounds like you need to create your conduits or access-list depending on what you prefer. Of course port 25, 80.

Mike

New Member

Re: MSExchange+Proxy server on the inside of PIX 515

I have opened port 25 and 80 on the firewall.

There is some other issue

sp

New Member

Re: MSExchange+Proxy server on the inside of PIX 515

seems like u didnt setup conduit perfectly ,yr proxy server must browse the web ,since u were using msexchange behind proxy if u didnt setitup yourself u need to know that there is some ini files pointing to proxy server on exchange so u need to remove them and make a conduit for exchange

static (inside,outside) 212.42.143.226 172.16.1.3 netmask 255.255.255.255

conduit permit tcp host 212.42.143.227 eq smtp any

New Member

Re: MSExchange+Proxy server on the inside of PIX 515

What version do you have.

If is 6.01 there are a bug with the Mailguard feature. If you try to make a telnet to port 25 you'll get ************

Try configuring

no fixup protocol smpt

Hope it help.

kit
New Member

Re: MSExchange+Proxy server on the inside of PIX 515

When you configure proxy and have an internal mail server you bind the tcp port 25 to the external interface on the proxy. The ini files reflect that. Unbind the mail ports in the ini files, restart exchange services and setup a conduit on the PIX. Do you have dynamic packet filtering setup on the Proxy? Please ensure that tcp port 80 outbound from dynamic port inside is open, and the smtp port 25 is open on the proxy. I hope it helps!

155
Views
0
Helpful
5
Replies