[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Sending reports/alarms via SMTP on a Juniper Networks Netscreen 5GT

Posted on 2006-04-20
8
Medium Priority
?
1,521 Views
Last Modified: 2010-04-09
I have a Juniper Networks Netscreen 5GT firewall that is up and running just fine...with one exception.   I can't for the life of me get the firewall to send an email alarm/notification whenever a security event occurs on the firewall.

I wish to have reports when alarms occur sent to a GMAIL email address. I have logged into the firewall admin panel, and clicked on Configuration > Report Settings > Email   and then turned on the 'Enable E-mail Notification for Alarms' option.

However, there appears to be an engineering oversight on this Email page in that Juniper has failed to consider that one would have to have an open mail relay in order to send email through.  Juniper has  failed to include any user name or password for SMTP servers that require authentication before accepting mail requests.

How is one supposed to send email to a Gmail.com email address?

I have tried entering the domain of my mail server (mail.mydomain.com) which is behind the firewall, but no mail ever gets sent.  I've tried the IP address of my mail server (192.168.1.2), and the word "localhost", but all attempts fail.  No alarms/reports ever get sent to a Gmail.com address.

Has anyone been able to get a Netscreen 5GT to send email alarms to a SMTP server that is NOT an open relay?
0
Comment
Question by:Softtech
  • 5
  • 3
8 Comments
 
LVL 9

Expert Comment

by:jabiii
ID: 16520669
The emails are sent from hostname@domainname to SMTP server you identify, and the email address you identify.
The SMTP server your using should see the request as an Incoming request and process it as normal. Unles of course your saying it's internal, and you are sending email internal. and the mail server is requiring the login there.

But your VPN shouldn't have a @gmail account, so it wouldn't need to login to send the email.

I haven't seen a problem with the mail yet, other than it get's spammy.
0
 

Author Comment

by:Softtech
ID: 16521772
>> The emails are sent from hostname@domainname
>> to SMTP server you identify

You've lost me.

>> The emails are sent from hostname@domainname
>> ..., and the email address you identify.

Sent from hostname@domainname AND from the email address I identify?  How can an email report be sent from TWO sources at the same time?

>> The SMTP server your using should see the request as an
>> Incoming request and process it as normal.

How does one accurately specify in the firewall configuration the SMTP server.  Do you use the public untrusted IP, or the internal dynamic trusted IP assigned by the firewall, or the mail.domain.com designator, or...??

>> But your VPN shouldn't have a @gmail account

I don't have any VPN in place.

I wanted the reports sent to the WAN...to the Internet...to an external email address.  Is this not possible?

0
 
LVL 9

Accepted Solution

by:
jabiii earned 500 total points
ID: 16524740
SMTP Server Name: IP or DNS name if you can use DNS from your location. - this is the ip/name of the SMTP server that your Firewall/VPN will be sending the emails to.
E-mail address: this is the email address that the Firewall/VPN will be sending the emails to.
When the emails arrive, they will show as being from your firewalls/VPN's: hostname@domainname

>> The emails are sent from hostname@domainname
>> to SMTP server you identify
Meaning it comes from hostname@domainname, sent to the SMTP server you identified.

>> The emails are sent from hostname@domainname
>> ..., and the email address you identify.
>Sent from hostname@domainname AND from the email address I identify?  How can an email report be sent from TWO sources at the same time?

Reread that.
he emails are sent from hostname@domainname to SMTP server you identify, and the email address you identify.
Meaning. it comes from hostname@domainname sent to SMTP server, to destination email you identified.

When I said VPN, your NS is a Firewall and VPN, even if you don't use VPN tunnels.

Yes it's possible.

let's say you want the email sent to you@gmail.com
and the mail server you are sending it to is 1.1.1.1

your SMTP server name (external to your FW/VPN): 1.1.1.1
Email address: you@gmail.com

when the message arrives at you it will be from your FW/VPN's hostname@domainname.

hope that helps.
0
Cyber Threats to Small Businesses (Part 1)

This past May, Webroot surveyed more than 600 IT decision-makers at medium-sized companies to see how these small businesses perceived new threats facing their organizations.  Read what Webroot CISO, Gary Hayslip, has to say about the survey in part 1 of this 2-part blog series.

 
LVL 9

Expert Comment

by:jabiii
ID: 16563975
Did ya get it working Soft?
0
 

Author Comment

by:Softtech
ID: 16564260
>> Did ya get it working Soft?

Yes.  It helps if one's SMTP's server doesn't have the firewall's IP address in its blacklist.  :-(
0
 
LVL 9

Expert Comment

by:jabiii
ID: 16564281
LOL, yup that can do it :) Don't you hate it when it's the simple things?

seriously good catch. glad you got it workin!

Jim
0
 

Author Comment

by:Softtech
ID: 16564426
>> Don't you hate it when it's the simple things

Yes, because it makes me look like an idiot.  :-(
0
 
LVL 9

Expert Comment

by:jabiii
ID: 16564442
naw, we all do it. just say you didn't have control over that server, *wink*
0

Featured Post

Cyber Threats to Small Businesses (Part 2)

The evolving cybersecurity landscape presents SMBs with a host of new threats to their clients, their data, and their bottom line. In part 2 of this blog series, learn three quick processes Webroot’s CISO, Gary Hayslip, recommends to help small businesses beat modern threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Look below the covers at a subform control , and the form that is inside it. Explore properties and see how easy it is to aggregate, get statistics, and synchronize results for your data. A Microsoft Access subform is used to show relevant calcul…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses
Course of the Month19 days, 23 hours left to enroll

873 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question