Velocity Reviews

Velocity Reviews (http://www.velocityreviews.com/forums/index.php)
-   Cisco (http://www.velocityreviews.com/forums/f27-cisco.html)
-   -   Pix 515 with a Barracuda SPAM FW and SMTP and HTTP access (http://www.velocityreviews.com/forums/t433559-pix-515-with-a-barracuda-spam-fw-and-smtp-and-http-access.html)

Joel 01-04-2007 06:19 PM

Pix 515 with a Barracuda SPAM FW and SMTP and HTTP access
 
I have a Pix 515 v.6.3 using PAT. I have a static translation from my
outside network to my inside mail server both for HTTP and SMTP (they
are on the same box).

I have an outside ACL that sends all SMTP/HTTP traffic to this
SMTP/HTTP box on the inside

I have a Barracuda SPAM FW inside

I have an SMTP server with HTTP web based email access inside (they on
the same box. I know, I know)

Visually, it looks like this.

--------------------Barracuda
/
Dragons ) ------PixFW ----/ --------------------SMTP/HTTP server

On the Pix, I can setup the static translation to point to either the
Barracuda -which will forward to the SMTP OK - but I lose connectivity
with HTTP. Or, I can ignore the Barracuda -which I don't want to do -
and just send all SMTP and HTTP requests to my HTTP server.

Is there a way to have the SMTP traffic head to the Barracuda (then
forward the SMTP server) and the HTTP traffic head to by HTTP mail
gateway without a static translation in the meantime keeping the
HTTP/SMTP box the same?


Chad Mahoney 01-04-2007 06:53 PM

Re: Pix 515 with a Barracuda SPAM FW and SMTP and HTTP access
 
Joel wrote:
> I have a Pix 515 v.6.3 using PAT. I have a static translation from my
> outside network to my inside mail server both for HTTP and SMTP (they
> are on the same box).
>
> I have an outside ACL that sends all SMTP/HTTP traffic to this
> SMTP/HTTP box on the inside
>
> I have a Barracuda SPAM FW inside
>
> I have an SMTP server with HTTP web based email access inside (they on
> the same box. I know, I know)
>
> Visually, it looks like this.
>
> --------------------Barracuda
> /
> Dragons ) ------PixFW ----/ --------------------SMTP/HTTP server
>
> On the Pix, I can setup the static translation to point to either the
> Barracuda -which will forward to the SMTP OK - but I lose connectivity
> with HTTP. Or, I can ignore the Barracuda -which I don't want to do -
> and just send all SMTP and HTTP requests to my HTTP server.
>
> Is there a way to have the SMTP traffic head to the Barracuda (then
> forward the SMTP server) and the HTTP traffic head to by HTTP mail
> gateway without a static translation in the meantime keeping the
> HTTP/SMTP box the same?
>


you can use:

static (inside,outside) tcp x.x.x.x 25 192.168.0.5 25 netmask
255.255.255.255


static (inside,outside) tcp x.x.x.x 80/443 192.168.0.6 80/443 netmask
255.255.255.255

access-list myacl permit tcp any host x.x.x.x eq 25
access-list myacl permit tcp any host x.x.x.x eq 80/443


Now these are PAT translations not static translations, you can only use
a static translation with one internal IP and one external IP.


All times are GMT. The time now is 02:42 AM.

Powered by vBulletin®. Copyright ©2000 - 2014, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.