• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1136
  • Last Modified:

Pop3 thru sonic wall

Previous setup: Windows NT Exchange 5.5, direct one to one NAT translation with external IP address thru Sonic Wall Pro 200 with Field Salespersons accessing email thru pop3 request from exchange server.

Current:
1.Installed Symantec Gateway for SMTP
2.Changed direct NAT thru Sonic Wall to point at SMTP Gateway
3.Installed DNS Server on Domain
4.Created rule to open port 110 thru Sonic Wall (POP3 request to LAN)

All works fine except POP3 accounts cannot log in.
Sonic Wall Pro 200 does not have a direct port forwarding option, that I can find, to point POP3 requests directly to the exchange server and bypass the SMTP Gateway and their tech support is in India.(They have been helpful but the language barrier is difficult and I do not know if they exactly understand my issue)
0
itsmedtt
Asked:
itsmedtt
  • 5
  • 4
1 Solution
 
bbaoIT ConsultantCommented:
hi itsmedtt, what you need is just a port forwarding for incoming POP3 access. i am not sure if SonicWall Pro 200 does not support this, you know, it is very common feature which is supported by most firewall prodcuts. could you please tell me the URL that i can download its user manual for study. thanks, bbao
0
 
itsmedttAuthor Commented:
http://www.sonicwall.com/services/pdfs/InternetSecurityApplianceFamilyManual.pdf

This is the only link that I found for them.

I was thinking of buying a Linksys router that as port forwarding on it and sticking it in front of the Sonicwall, doing a one to one nat translation to the Linksys and seperating the ports there as a temporary solution to buy me time for research and evaluation of a more permanenet solution. Can you think of any holes in that temp solution?
0
 
bbaoIT ConsultantCommented:
you can do it, with the "Public LAN Server" feature of this box, by adding a known service, you may make your email server visible on the internet. btw, you may even custom a specific server that is not listed in its list of known service.

thanks for the manual's URL, you may find more detailed information from page 129 to 130.

hope it helps,
bbao
0
Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

 
itsmedttAuthor Commented:
Greetings,

Yes I have already set those rules. And port 110 is open to the LAN. I have also verified that port 110 on the exchange is listening. I am not certain but I think that the issue maybe in the DNS settings. I have set the MX record toward the mail server.

Ay other suggestions?
0
 
bbaoIT ConsultantCommented:
> Yes I have already set those rules. And port 110 is open to the LAN.

you mean you have already tried to open port 110 using the public LAN server feature of the firewall?

> I have also verified that port 110 on the exchange is listening.

how did you vierify that the port 110 is under licstening status? by using "TELNET ExchangeServer 110" command from the outside?

> I am not certain but I think that the issue maybe in the DNS settings.

who resolves the DNS name for your domain name? your local DNS server or your local ISP?

> I have set the MX record toward the mail server.

try "TELNET IPaddress 110" at first

later,
bbao
0
 
itsmedttAuthor Commented:
Yes I have already set those rules. And port 110 is open to the LAN.

>you mean you have already tried to open port 110 using the public LAN server feature of the firewall?

Yes, I have set the service feature allowing pop3 access thru the firewall and also etablished the rules to allow it access the IP address of the Exchange server.

>how did you vierify that the port 110 is under licstening status? by using "TELNET ExchangeServer 110" command from the outside?

I ran a port scan on the server from the server. ( per directions from support.microsoft.com, the link is at work or I would add to post, sorry)

>who resolves the DNS name for your domain name? your local DNS server or your local ISP?

The ISP has been the only DNS running for the Domain. Last Thursday the subscription for Sonic Wall virus filter expired.( I am new on this network, just started a few weeks ago and have been trying to extinguish fires and learn the network) The company had already purchased the symantec enterprise suite but had only installed the coporate virus protection. When the when the firewall stopped stripping attachments we were flooded virus and adware. As soon as I realized the problem I grabbed a spare box and installed The Symantec Gateway. It needed a local DNS so I I brought up another box for DNS. Then I redirected the NAT one to one from the exchange server to the Gateway. All seems to be working well with the exception of a few workstations with Office 2003 not being able to connect to the exchange server (I added the local DNS server in their network settings and they are working fine now) and access to POP3 from the internet.


try "TELNET IPaddress 110" at first
0
 
itsmedttAuthor Commented:
OK found the problem posted at symantec.
They list a work around. Seems a little fuzzy to me. Do you have any insight or greater detail on how to accomplish this?
http://service1.symantec.com/SUPPORT/ent-gate.nsf/dc983c4134c90dfd88256c0e00592490/a0580e488ff140c188256dcf0001a3e0?OpenDocument&src=bar_sch_nam
0
 
bbaoIT ConsultantCommented:
hehe, it looks that symantec solution is so strange. :) so it seems you should setup symantec gateway software on another machine (or same machine with additional IP), then change your DNS server's settings to distinguish server-server and client-server smtp taffic, and define new firewall rules to forward incoming smtp requests to different servers. can you reconfigure your DNS and symantec SMTP gateway?
0
 
itsmedttAuthor Commented:
Thanks bbao,

I think I got it. Used another static IP from ISP called it pop.mail.mydomain.com, ran NAT thru Sonic Wall  and all seems right with the world.

Thanks
0

Featured Post

Free recovery tool for Microsoft Active Directory

Veeam Explorer for Microsoft Active Directory provides fast and reliable object-level recovery for Active Directory from a single-pass, agentless backup or storage snapshot — without the need to restore an entire virtual machine or use third-party tools.

  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now