Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

port forwarding

I have a Pix 515 firewall. V5.0

Currently two seperate mail servers on the "DMZ" side of the firewall.

Internal IP: x.x.x.x

Outside IP: y.y.y.y

here is the setup

names x.x.x.10 mail1

x.x.x.26 mail2

Alias (inside) y.y.y.10 mail1 255.255.255.255

Alias (inside) y.y.y.26 mail2 255.255.255.255

Static (dmz,outside) y.y.y.10 mail1 netmask 255.255.255.255 0 0

Static (dmz,outside) y.y.y.26 mail2 netmask 255.255.255.255 0 0

conduit permit tcp y.y.y.10 eq smtp any

conduit permit tcp y.y.y.26 eq smtp any

My question/problem is I am going to incorporate a "smtp" virus filtering server to check port 25 incoming. I would like to place this on the dmz and filter mail traffic. The mail is then forwarded to the mail1 and mail2 server based on domain name. The smtp filter IP would be x.x.x.12

What statements do I need to change for this to work? Do I have to change MX records or just the firewall? I would like to change the firewall only.

2 REPLIES
Silver

Re: port forwarding

you would need to change your mx records - you would need to in order for all internet hosts to send it email before the other hosts.

Community Member

Re: port forwarding

Point your static at the new gateway.

Remove the extra static (or give the server a second ip.)

80
Views
0
Helpful
2
Replies
CreatePlease to create content