Sending reports/alarms via SMTP on a Juniper Networks Netscreen 5GT

I have a Juniper Networks Netscreen 5GT firewall that is up and running just fine...with one exception.   I can't for the life of me get the firewall to send an email alarm/notification whenever a security event occurs on the firewall.

I wish to have reports when alarms occur sent to a GMAIL email address. I have logged into the firewall admin panel, and clicked on Configuration > Report Settings > Email   and then turned on the 'Enable E-mail Notification for Alarms' option.

However, there appears to be an engineering oversight on this Email page in that Juniper has failed to consider that one would have to have an open mail relay in order to send email through.  Juniper has  failed to include any user name or password for SMTP servers that require authentication before accepting mail requests.

How is one supposed to send email to a Gmail.com email address?

I have tried entering the domain of my mail server (mail.mydomain.com) which is behind the firewall, but no mail ever gets sent.  I've tried the IP address of my mail server (192.168.1.2), and the word "localhost", but all attempts fail.  No alarms/reports ever get sent to a Gmail.com address.

Has anyone been able to get a Netscreen 5GT to send email alarms to a SMTP server that is NOT an open relay?
SofttechAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

jabiiiCommented:
The emails are sent from hostname@domainname to SMTP server you identify, and the email address you identify.
The SMTP server your using should see the request as an Incoming request and process it as normal. Unles of course your saying it's internal, and you are sending email internal. and the mail server is requiring the login there.

But your VPN shouldn't have a @gmail account, so it wouldn't need to login to send the email.

I haven't seen a problem with the mail yet, other than it get's spammy.
0
SofttechAuthor Commented:
>> The emails are sent from hostname@domainname
>> to SMTP server you identify

You've lost me.

>> The emails are sent from hostname@domainname
>> ..., and the email address you identify.

Sent from hostname@domainname AND from the email address I identify?  How can an email report be sent from TWO sources at the same time?

>> The SMTP server your using should see the request as an
>> Incoming request and process it as normal.

How does one accurately specify in the firewall configuration the SMTP server.  Do you use the public untrusted IP, or the internal dynamic trusted IP assigned by the firewall, or the mail.domain.com designator, or...??

>> But your VPN shouldn't have a @gmail account

I don't have any VPN in place.

I wanted the reports sent to the WAN...to the Internet...to an external email address.  Is this not possible?

0
jabiiiCommented:
SMTP Server Name: IP or DNS name if you can use DNS from your location. - this is the ip/name of the SMTP server that your Firewall/VPN will be sending the emails to.
E-mail address: this is the email address that the Firewall/VPN will be sending the emails to.
When the emails arrive, they will show as being from your firewalls/VPN's: hostname@domainname

>> The emails are sent from hostname@domainname
>> to SMTP server you identify
Meaning it comes from hostname@domainname, sent to the SMTP server you identified.

>> The emails are sent from hostname@domainname
>> ..., and the email address you identify.
>Sent from hostname@domainname AND from the email address I identify?  How can an email report be sent from TWO sources at the same time?

Reread that.
he emails are sent from hostname@domainname to SMTP server you identify, and the email address you identify.
Meaning. it comes from hostname@domainname sent to SMTP server, to destination email you identified.

When I said VPN, your NS is a Firewall and VPN, even if you don't use VPN tunnels.

Yes it's possible.

let's say you want the email sent to you@gmail.com
and the mail server you are sending it to is 1.1.1.1

your SMTP server name (external to your FW/VPN): 1.1.1.1
Email address: you@gmail.com

when the message arrives at you it will be from your FW/VPN's hostname@domainname.

hope that helps.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Firewall Management 201 with Professor Wool

In this whiteboard video, Professor Wool highlights the challenges, benefits and trade-offs of utilizing zero-touch automation for security policy change management. Watch and Learn!

jabiiiCommented:
Did ya get it working Soft?
0
SofttechAuthor Commented:
>> Did ya get it working Soft?

Yes.  It helps if one's SMTP's server doesn't have the firewall's IP address in its blacklist.  :-(
0
jabiiiCommented:
LOL, yup that can do it :) Don't you hate it when it's the simple things?

seriously good catch. glad you got it workin!

Jim
0
SofttechAuthor Commented:
>> Don't you hate it when it's the simple things

Yes, because it makes me look like an idiot.  :-(
0
jabiiiCommented:
naw, we all do it. just say you didn't have control over that server, *wink*
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Software Firewalls

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.