Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

pix-mailguard-ipsec-exchange2003

hello!

i have pix 515e wich protect my dmz and corporate network.

i have ipsec vpn lan2lan connections to outside offices

in my network i use 15 exchange 2003 mail servers and 1 sendmail mail gateway in dmz.

one exchange 2003 server is inside net wich connected to main office thru ipsec vpn on pix and cisco 851.

in pix is enablen mailguard.

well

when mailguard is enabled - ms exchange 2003 servers did/nt send and recive mail thru smtp RG connector becouse echange2003 use extended smtp command list wich is blocked by mailguard.

when i disable mailguard all is ok but i disable mailguard at all and my dmz sendmail gateway did'nt protected by it.

my qestion is - how to disable mailguard for traffic only in ipsec vpn tunnel?

sorry for bad english. 8-)

1 REPLY
Silver

Re: pix-mailguard-ipsec-exchange2003

In the 7.x versions you can use the modular policy framework. You can create a policy that matches specific traffic then apply inspection to that traffic. Below is a link. I do not know of a way to do it with earlier version. The application inspection (fixup) has been improved in the new versions.

http://www.cisco.com/en/US/customer/products/ps6120/products_configuration_guide_chapter09186a0080450c8e.html

Thanks,

Chad

140
Views
0
Helpful
1
Replies
CreatePlease to create content