Solved

Watchguard Firebox III 700 routing/NAT issues

Posted on 2008-10-21
2
750 Views
Last Modified: 2013-11-16
I have (2) SMTP servers behind a Watchguard III Firewall.  The SMTP servers are on different domains.

SMTP-1 has a private address of 192.168.1.100 and a public address of 207.x.x.148
SMTP-2 has a private address of 192.168.1.95 and a public address of 207.x.x.146

I configured the Watchguard for 1-to-1 NAT.

I am able to send and receive mail from both servers with the following excption:  Email's sent from SMTP-2 to any address on SMTP-1are queued and never delivered.

I am able to ping 192.168.1.100 from 192.168.1.95.  I am unable to ping 207.x.x.148 from 192.168.1.95
0
Comment
Question by:ltrcne
2 Comments
 
LVL 32

Accepted Solution

by:
dpk_wal earned 500 total points
ID: 22855969
As the servers are behind WG; they must use the internal IP address as oppose the public IP to send email to each other; what happens as with most devices on WG the ingress and egress interface cannot be same; hence you cannot send emails from server1->server2 or vice-versa [by default the SMTP server would use DNS which would direct the request to public IP].

You can configure a secondary zone on the DNS server so that the servers can internally send/receive the traffic.

Thank you.
0
 

Author Closing Comment

by:ltrcne
ID: 31508430
I was able to resolve my issue my making changes to our internal DNS servers.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Windows Filtering Blocking some port 80 Event 5152 2 100
windows 10 being blocked by AVG 3 63
Not able to ping DMZ port on Firewall from the switch. 11 57
DDOS against DYN 9 128
If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question