In my inside interface, i have the users, exchange server, anti virus server...
In my DMZ, i have a proxy server.
When the users want to go in internet , it must go it through the proxy(in DMZ)but my difficulties is that i dont know how to configure my pix to do that the all trafic(port 80(www), 25(smtp), 110, 443, 445)must not go directly to the outside interface but it go on the proxy and after the proxy send through the outside interface.
As far as i know, it is not the role of PIX to perform this. IF you want all the web traffic to go through Proxy, then the users browser should be configured with the proxy server's ip address. Only then the web traffic(Port 80,443) originating from users PC( by using the browser) will be forwarded to the Proxy server. Else all the traffic originating from the users pc will be destined with the appropriate destination address, and PIX will be forwarded the traffic to the outside interface.
Not sure on what you are trying to acheive with the ports 25, 110, 445 via proxy...
If you want to forward these ports to the proxy server, then what you are trying achieve will be done through by having WinSock proxy service installed on the proxy server and performing proxy winsock client configuration in the user PCs.
As far as i know, it wouldn't be possible to route exchange server traffic via proxy.
Moreover what kind of mail setup you have.
How is your incoming mails routed to your mail server.. ?
Do you have your own domain record created for MX ? Mostly it should be. If so, the IP Address pointed by the MX Record should be static natted to your exchange server, And the exchange should be allowed to send out and receive mails...
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...