?
Solved

Watchguard Firebox III 700 routing/NAT issues

Posted on 2008-10-21
2
Medium Priority
?
756 Views
Last Modified: 2013-11-16
I have (2) SMTP servers behind a Watchguard III Firewall.  The SMTP servers are on different domains.

SMTP-1 has a private address of 192.168.1.100 and a public address of 207.x.x.148
SMTP-2 has a private address of 192.168.1.95 and a public address of 207.x.x.146

I configured the Watchguard for 1-to-1 NAT.

I am able to send and receive mail from both servers with the following excption:  Email's sent from SMTP-2 to any address on SMTP-1are queued and never delivered.

I am able to ping 192.168.1.100 from 192.168.1.95.  I am unable to ping 207.x.x.148 from 192.168.1.95
0
Comment
Question by:ltrcne
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 32

Accepted Solution

by:
dpk_wal earned 2000 total points
ID: 22855969
As the servers are behind WG; they must use the internal IP address as oppose the public IP to send email to each other; what happens as with most devices on WG the ingress and egress interface cannot be same; hence you cannot send emails from server1->server2 or vice-versa [by default the SMTP server would use DNS which would direct the request to public IP].

You can configure a secondary zone on the DNS server so that the servers can internally send/receive the traffic.

Thank you.
0
 

Author Closing Comment

by:ltrcne
ID: 31508430
I was able to resolve my issue my making changes to our internal DNS servers.
0

Featured Post

Four New Appliances. Same Industry-leading Speeds.

But don't take it from us.  The Firebox M370 is Miercom tested and Miercom approved, outperforming its competitors for stateless and stateful traffic throughput scenarios.  Learn more about the M370, M470, M570 and M670 and find the right solution for your organization today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…
Suggested Courses

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question