Pix 515 with a Barracuda SPAM FW and SMTP and HTTP access

Discussion in 'Cisco' started by Joel, Jan 4, 2007.

  1. Joel

    Joel Guest

    I have a Pix 515 v.6.3 using PAT. I have a static translation from my
    outside network to my inside mail server both for HTTP and SMTP (they
    are on the same box).

    I have an outside ACL that sends all SMTP/HTTP traffic to this
    SMTP/HTTP box on the inside

    I have a Barracuda SPAM FW inside

    I have an SMTP server with HTTP web based email access inside (they on
    the same box. I know, I know)

    Visually, it looks like this.

    --------------------Barracuda
    /
    Dragons ) ------PixFW ----/ --------------------SMTP/HTTP server

    On the Pix, I can setup the static translation to point to either the
    Barracuda -which will forward to the SMTP OK - but I lose connectivity
    with HTTP. Or, I can ignore the Barracuda -which I don't want to do -
    and just send all SMTP and HTTP requests to my HTTP server.

    Is there a way to have the SMTP traffic head to the Barracuda (then
    forward the SMTP server) and the HTTP traffic head to by HTTP mail
    gateway without a static translation in the meantime keeping the
    HTTP/SMTP box the same?
     
    Joel, Jan 4, 2007
    #1
    1. Advertising

  2. Joel

    Chad Mahoney Guest

    Joel wrote:
    > I have a Pix 515 v.6.3 using PAT. I have a static translation from my
    > outside network to my inside mail server both for HTTP and SMTP (they
    > are on the same box).
    >
    > I have an outside ACL that sends all SMTP/HTTP traffic to this
    > SMTP/HTTP box on the inside
    >
    > I have a Barracuda SPAM FW inside
    >
    > I have an SMTP server with HTTP web based email access inside (they on
    > the same box. I know, I know)
    >
    > Visually, it looks like this.
    >
    > --------------------Barracuda
    > /
    > Dragons ) ------PixFW ----/ --------------------SMTP/HTTP server
    >
    > On the Pix, I can setup the static translation to point to either the
    > Barracuda -which will forward to the SMTP OK - but I lose connectivity
    > with HTTP. Or, I can ignore the Barracuda -which I don't want to do -
    > and just send all SMTP and HTTP requests to my HTTP server.
    >
    > Is there a way to have the SMTP traffic head to the Barracuda (then
    > forward the SMTP server) and the HTTP traffic head to by HTTP mail
    > gateway without a static translation in the meantime keeping the
    > HTTP/SMTP box the same?
    >


    you can use:

    static (inside,outside) tcp x.x.x.x 25 192.168.0.5 25 netmask
    255.255.255.255


    static (inside,outside) tcp x.x.x.x 80/443 192.168.0.6 80/443 netmask
    255.255.255.255

    access-list myacl permit tcp any host x.x.x.x eq 25
    access-list myacl permit tcp any host x.x.x.x eq 80/443


    Now these are PAT translations not static translations, you can only use
    a static translation with one internal IP and one external IP.
     
    Chad Mahoney, Jan 4, 2007
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Dave Foster
    Replies:
    9
    Views:
    4,736
    Les Mikesell
    Aug 9, 2004
  2. Cisco Newbie

    Q) HTTP & PIX 515

    Cisco Newbie, Dec 26, 2005, in forum: Cisco
    Replies:
    8
    Views:
    1,771
    Martin Bilgrav
    Jan 3, 2006
  3. Scott Townsend
    Replies:
    8
    Views:
    721
    Roman Nakhmanson
    Feb 22, 2006
  4. Stephen M
    Replies:
    1
    Views:
    694
    mcaissie
    Nov 14, 2006
  5. milan_9211

    HTTP SOAP/HTTP GET/HTTP POST

    milan_9211, Jan 10, 2011, in forum: Software
    Replies:
    0
    Views:
    3,173
    milan_9211
    Jan 10, 2011
Loading...

Share This Page