DMZ and Checkpoint

Hi All

I have a Nokia IP 350 with Checkpoint NG R54. I am implementing a Spamfilter Gateway called MimeSweeper that I would like to place in a DMZ on the Nokia. I am not sure how to do this part of the setup.
Any assistance will be greatly appreciated.

The Falcon
FalconTwoAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

srikrishnakCommented:
okies....IP350 comes with 4 default FE interfaces..So how many interfaces you already used..I guess most likely you must be using a minimum three interfaces...
So check which segment is configured as DMZ...

(Internal or Local LAN)<-----------Nokia/FW-------------->(Internet)
                                                      |
                                                      |
                                                      V
                                                  (DMZ)

This will be the most common setup in firewalls...so are you going to install the smapfilter gateway on a Server and then you want to place it on DMZ..So check the Network of DMZ n configure the server IP address there...
If i am not wrong all these products such as spam filters or av gateways rely on some sort of proxy server or we need to divert all the traffic to them for the scanning..do you have a proxy or something liek that....
FalconTwoAuthor Commented:
Hi THere
The IP350 has 4 Interfaces. Two is being used as far. I plug the gateway in the 3 interface to set up the DMZ. No I do not have a proxy server. I have a checkpoint FW. I do not have a DMZ configured as yet
Tim HolmanCommented:
Assuming you already have a mail server, setup behind the firewall with a NAT rule on Check Point, then:

1)  Change NAT rule on Check Point to direct requests to the public IP of your mail server to the gateway on the DMZ
2)  Allow through port 25
3)  Setup a firewall rule to allow the gateway and mail server to communicate
4)  Ensure that your internal mail server identifies the new gateway as a mail relay
srikrishnakCommented:
gotcha ?...

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Software Firewalls

From novice to tech pro — start learning today.