We have just installed a Barracuda Networks Anti-Spam appliance and are having issues configuring it with
Checkpoint Firewall 1-NG . Heres the email that our network consultant sent to me to post here.
The Checkpoint Firewall has a host defined as x.y.z.a. It has a FQDN associated with it.
I have published ports 25,110,3000 and 3389 on that address to forward those protocols to an internal server at 192.168.1.100.
If I now want to split SMTP out and send it to another internal server it seems that the rule defined to do so negates delivery of 110,3000 and 3389 to the original server.
I use a STATIC NAT on each of the hosts.
SOURCE DESTINATION SERVICE ACTION
Any SpamServer SMTP Allow
Any Mailserver SMTP Allow
Both Hosts Spamserver and Mailserver have the same NAT translation to the published IP Address
For example 18.104.22.168
The first rulle seems to negate the effects of the second rule.
How do I publish the SMTP port to one server and the POP port to another server using the same defined external IP address?