How do I publish the SMTP port to one server and the POP port to another server using the same defined external IP address? - Firewalls

This is a discussion on How do I publish the SMTP port to one server and the POP port to another server using the same defined external IP address? - Firewalls ; We have just installed a Barracuda Networks Anti-Spam appliance and are having issues configuring it with Checkpoint Firewall 1-NG . Heres the email that our network consultant sent to me to post here. The Checkpoint Firewall has a host defined ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: How do I publish the SMTP port to one server and the POP port to another server using the same defined external IP address?

  1. How do I publish the SMTP port to one server and the POP port to another server using the same defined external IP address?

    We have just installed a Barracuda Networks Anti-Spam appliance and
    are having issues configuring it with
    Checkpoint Firewall 1-NG . Heres the email that our network consultant
    sent to me to post here.

    The Checkpoint Firewall has a host defined as x.y.z.a. It has a FQDN
    associated with it.

    I have published ports 25,110,3000 and 3389 on that address to forward
    those protocols to an internal server at 192.168.1.100.

    If I now want to split SMTP out and send it to another internal server
    it seems that the rule defined to do so negates delivery of 110,3000
    and 3389 to the original server.

    I use a STATIC NAT on each of the hosts.

    Eg

    SOURCE DESTINATION SERVICE ACTION
    Any SpamServer SMTP Allow
    Any Mailserver SMTP Allow
    POP
    RDP
    Custom_3000

    Both Hosts Spamserver and Mailserver have the same NAT translation to
    the published IP Address
    For example 211.211.210.10

    The first rulle seems to negate the effects of the second rule.

    How do I publish the SMTP port to one server and the POP port to
    another server using the same defined external IP address?

  2. Re: How do I publish the SMTP port to one server and the POP portto another server using the same defined external IP address?

    Aaron wrote:
    > We have just installed a Barracuda Networks Anti-Spam appliance and
    > are having issues configuring it with
    > Checkpoint Firewall 1-NG . Heres the email that our network consultant
    > sent to me to post here.
    >
    > The Checkpoint Firewall has a host defined as x.y.z.a. It has a FQDN
    > associated with it.
    >
    > I have published ports 25,110,3000 and 3389 on that address to forward
    > those protocols to an internal server at 192.168.1.100.
    >
    > If I now want to split SMTP out and send it to another internal server
    > it seems that the rule defined to do so negates delivery of 110,3000
    > and 3389 to the original server.
    >
    > I use a STATIC NAT on each of the hosts.
    >
    > Eg
    >
    > SOURCE DESTINATION SERVICE ACTION
    > Any SpamServer SMTP Allow
    > Any Mailserver SMTP Allow
    > POP
    > RDP
    > Custom_3000
    >
    > Both Hosts Spamserver and Mailserver have the same NAT translation to
    > the published IP Address
    > For example 211.211.210.10
    >
    > The first rulle seems to negate the effects of the second rule.
    >
    > How do I publish the SMTP port to one server and the POP port to
    > another server using the same defined external IP address?


    You'd have to use Port translation with both internal hosts NAT-ted
    behinfd the firewall address and manual NAT rules. Its described in the
    User Guuide or Admin Guide.

+ Reply to Thread