04-24-2003 09:45 PM - edited 02-21-2020 12:29 PM
We have a vpn setup where vpn clients need to access MS-Exchange using MS-Outlook as if they are in LAN. We have configured the vpn zone using "nat 0". We wanted domain authentication, MS-Outlook access. We have three networks connected to the PIX 515 Firewall. 1- VPN Zone, 2-DMZ, 3-Outside(Internet). VPN Clients need to connect to MS-Exchange which is localted in vpn zone. What configurations need to enabled for the same like( access-list, established,..etc). What are all the ports need to be opened.
Thanks in Advance,
Karthikeyan V
04-25-2003 10:12 AM
Hi,
when your traffic is encrypted its IPSec (ESP traffic), so you wont need to open up any specific ports on the outside interface, though make sure that you have sysopt for ipsec.
if you want to granulize access, use an access list on the inbound interface to do that.
thx
Afaq
04-27-2003 10:29 PM
We can able to access smtp, telnet services in VPN Zone with the specified "access-list 80 permit ip
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide