Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Pop3 thru sonic wall

Posted on 2004-08-22
9
Medium Priority
?
1,130 Views
Last Modified: 2013-12-19
Previous setup: Windows NT Exchange 5.5, direct one to one NAT translation with external IP address thru Sonic Wall Pro 200 with Field Salespersons accessing email thru pop3 request from exchange server.

Current:
1.Installed Symantec Gateway for SMTP
2.Changed direct NAT thru Sonic Wall to point at SMTP Gateway
3.Installed DNS Server on Domain
4.Created rule to open port 110 thru Sonic Wall (POP3 request to LAN)

All works fine except POP3 accounts cannot log in.
Sonic Wall Pro 200 does not have a direct port forwarding option, that I can find, to point POP3 requests directly to the exchange server and bypass the SMTP Gateway and their tech support is in India.(They have been helpful but the language barrier is difficult and I do not know if they exactly understand my issue)
0
Comment
Question by:itsmedtt
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
9 Comments
 
LVL 37

Expert Comment

by:bbao
ID: 11868375
hi itsmedtt, what you need is just a port forwarding for incoming POP3 access. i am not sure if SonicWall Pro 200 does not support this, you know, it is very common feature which is supported by most firewall prodcuts. could you please tell me the URL that i can download its user manual for study. thanks, bbao
0
 

Author Comment

by:itsmedtt
ID: 11873931
http://www.sonicwall.com/services/pdfs/InternetSecurityApplianceFamilyManual.pdf

This is the only link that I found for them.

I was thinking of buying a Linksys router that as port forwarding on it and sticking it in front of the Sonicwall, doing a one to one nat translation to the Linksys and seperating the ports there as a temporary solution to buy me time for research and evaluation of a more permanenet solution. Can you think of any holes in that temp solution?
0
 
LVL 37

Expert Comment

by:bbao
ID: 11874596
you can do it, with the "Public LAN Server" feature of this box, by adding a known service, you may make your email server visible on the internet. btw, you may even custom a specific server that is not listed in its list of known service.

thanks for the manual's URL, you may find more detailed information from page 129 to 130.

hope it helps,
bbao
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 

Author Comment

by:itsmedtt
ID: 11877797
Greetings,

Yes I have already set those rules. And port 110 is open to the LAN. I have also verified that port 110 on the exchange is listening. I am not certain but I think that the issue maybe in the DNS settings. I have set the MX record toward the mail server.

Ay other suggestions?
0
 
LVL 37

Expert Comment

by:bbao
ID: 11877848
> Yes I have already set those rules. And port 110 is open to the LAN.

you mean you have already tried to open port 110 using the public LAN server feature of the firewall?

> I have also verified that port 110 on the exchange is listening.

how did you vierify that the port 110 is under licstening status? by using "TELNET ExchangeServer 110" command from the outside?

> I am not certain but I think that the issue maybe in the DNS settings.

who resolves the DNS name for your domain name? your local DNS server or your local ISP?

> I have set the MX record toward the mail server.

try "TELNET IPaddress 110" at first

later,
bbao
0
 

Author Comment

by:itsmedtt
ID: 11888117
Yes I have already set those rules. And port 110 is open to the LAN.

>you mean you have already tried to open port 110 using the public LAN server feature of the firewall?

Yes, I have set the service feature allowing pop3 access thru the firewall and also etablished the rules to allow it access the IP address of the Exchange server.

>how did you vierify that the port 110 is under licstening status? by using "TELNET ExchangeServer 110" command from the outside?

I ran a port scan on the server from the server. ( per directions from support.microsoft.com, the link is at work or I would add to post, sorry)

>who resolves the DNS name for your domain name? your local DNS server or your local ISP?

The ISP has been the only DNS running for the Domain. Last Thursday the subscription for Sonic Wall virus filter expired.( I am new on this network, just started a few weeks ago and have been trying to extinguish fires and learn the network) The company had already purchased the symantec enterprise suite but had only installed the coporate virus protection. When the when the firewall stopped stripping attachments we were flooded virus and adware. As soon as I realized the problem I grabbed a spare box and installed The Symantec Gateway. It needed a local DNS so I I brought up another box for DNS. Then I redirected the NAT one to one from the exchange server to the Gateway. All seems to be working well with the exception of a few workstations with Office 2003 not being able to connect to the exchange server (I added the local DNS server in their network settings and they are working fine now) and access to POP3 from the internet.


try "TELNET IPaddress 110" at first
0
 

Author Comment

by:itsmedtt
ID: 11894990
OK found the problem posted at symantec.
They list a work around. Seems a little fuzzy to me. Do you have any insight or greater detail on how to accomplish this?
http://service1.symantec.com/SUPPORT/ent-gate.nsf/dc983c4134c90dfd88256c0e00592490/a0580e488ff140c188256dcf0001a3e0?OpenDocument&src=bar_sch_nam
0
 
LVL 37

Accepted Solution

by:
bbao earned 2000 total points
ID: 11895501
hehe, it looks that symantec solution is so strange. :) so it seems you should setup symantec gateway software on another machine (or same machine with additional IP), then change your DNS server's settings to distinguish server-server and client-server smtp taffic, and define new firewall rules to forward incoming smtp requests to different servers. can you reconfigure your DNS and symantec SMTP gateway?
0
 

Author Comment

by:itsmedtt
ID: 11897677
Thanks bbao,

I think I got it. Used another static IP from ISP called it pop.mail.mydomain.com, ran NAT thru Sonic Wall  and all seems right with the world.

Thanks
0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Need In an Active Directory enviroment, the PDC emulator provide time synchronization for the domain. This is important since Active Directory uses Kerberos for authentication.  By default, if the time difference between systems is off by more …
Resolve DNS query failed errors for Exchange
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Have you created a query with information for a calendar? ... and then, abra-cadabra, the calendar is done?! I am going to show you how to make that happen. Visualize your data!  ... really see it To use the code to create a calendar from a q…

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question