Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: pix 501 question

pix 501 question 10 years 6 months ago #14979

  • danherbon
  • danherbon's Avatar
  • Offline
  • Frequent Member
  • Posts: 24
  • Karma: 0
i have put up an internal mail server for our office and i eventually wanna make that the primary. the mail server is sitting behind a pix 501 firewall. if i forward ports 25 and 110 to the server from the outside interface to the inside interface will that in turn effect internal users when attempting to check mail externally at all?

hopefully this makes sense. thanks for any replies and help.
The administrator has disabled public write access.

Re: pix 501 question 10 years 5 months ago #15421

  • Chris
  • Chris's Avatar
  • Offline
  • Administrator
  • Posts: 1446
  • Thank you received: 13
  • Karma: 8
danherbon,

You won't have any problems when your users try to access external mail servers.

The PIX Firewall appliance supports stateful packet inspection, meaning it will 'know' if an incoming packet is a reply from a previously outbound request and let it pass through if your access lists allow it.

When a smtp/pop reply comes from an external server (from a request generated by your internal users), the source port of this reply will be port 25 or 110 depending on the service selected.

In the configuration you mention, the PIX Firewall will perform the forwarding to your internal smtp/pop server when the destination port is either 25 or 110.

Please check the TCP/IP section of our site to get a clear view on the source and destination ports and how they change depending on where the traffic originated.

Hope this helps.

Cheers,
Chris Partsenidis.
Founder & Editor-in-Chief
www.Firewall.cx
The administrator has disabled public write access.
Time to create page: 0.072 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup