Solved

Configuring new Watchguard X550e with internal Exchange

Posted on 2009-05-14
6
797 Views
Last Modified: 2013-11-16
Hi experts - I just purchased a new Watchguard X550e for my network and want to verify my settings are correct before my first test run.  

My internal network is 10.8.0.0/13
My internal Exchange is 10.8.2.5
My external IP is 12.229.X.X

For the system manager I added the 1-to-1 NAT of NAT Base: 12.229.X.X and real base of 10.8.2.5.

In my SMTP proxy rule settings I have From: Any-External and for the To: portion I added the host IP of my external interface - should i be adding a static NAT here, or the external interface alias?  I'm just unsure of the correct settings.

Also, I set dyanmic NAT to be 10.8.0.0/13 - Any/External.  Do I need to do anything else with this or is this the only place I need to set it?

Thanks!
0
Comment
Question by:jmtoman
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 32

Accepted Solution

by:
dpk_wal earned 500 total points
ID: 24388520
The settings are fine, just that some details are need to be sure that they are correct:
1. Do you have multiple IPs or single IP address.
 If just one, then you don't need 1-1 NAT.
2. if you have multiple IP addresses and wish to do 1-1 NAT for the SMTP server, then please make sure you have not added any secondary network on external interface for the same IP.
 If you have added secondary network; please remove it.
3. In the SMTP policy in the TO box, if you have single IP then you would configure as:
    12.229.x.y->10.8.2.5
 If you have multiple IPs, then after adding 1-1 NAT, configure TO as:
    12.229.x.z [1-1 public IP]

Please implement and update.

Thank you.
0
 

Author Comment

by:jmtoman
ID: 24395242
Ok I've changed all my firewall settings and removed my 1-to-1 NAT.  I only have the one IP so, this setup should be good.  I'll be testing everything this weekend to make sure it works alright.
0
 
LVL 32

Expert Comment

by:dpk_wal
ID: 24399155
Please update about the results.

Thank you.
0
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 

Author Comment

by:jmtoman
ID: 24422384
Sorry for the delay in posting a reply.  I was able to successfully telnet into my mail server through the firewall and send an email, I also was able to use OWA so that works fine.  I have one more general firewall question, under Network->Configuration->WINS/DNS - are these settings relevant to anything, do i even need to set them?
0
 
LVL 32

Expert Comment

by:dpk_wal
ID: 24428740
No problem; the WINS/DNS settings are used by WG for following purpose:
1. If WG is acting as DHCP Server on the network.
2. Fore remote users [PPTP/IPSec/SSL].
3. For name resolution when using hostwatch or logviewer.

Thank you.
0
 

Author Comment

by:jmtoman
ID: 24450182
thanks for your help
0

Featured Post

MIM Survival Guide for Service Desk Managers

Major incidents can send mastered service desk processes into disorder. Systems and tools produce the data needed to resolve these incidents, but your challenge is getting that information to the right people fast. Check out the Survival Guide and begin bringing order to chaos.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
Read this checklist to learn more about the 15 things you should never include in an email signature.
how to add IIS SMTP to handle application/Scanner relays into office 365.
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the adminiā€¦

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question