Solved

How do I terminate mail SSL (993) and forward to internal mail server with Cisco PIX 501

Posted on 2009-07-10
2
478 Views
Last Modified: 2012-05-07
Hello,

I wish to install a certificate for my mail server on our firewall, and have SSL terminate there. This way the DN of the certificate will match the IP of the firewall, which is aliased to our email server. The CISCO PIX firewall then should forward the connection to the mail server (143).

(Internet)                                             (Firewall)                                      (Internal System)
IMAP Client --------993/imaps -------> [Cisco PIX]---------143/imap---------->mail server

Is this possible?

What is the configuration for the certificate and root Certificate? What are the settings for forwarding the packets after SSL is terminated?


TIA!
0
Comment
Question by:wbathurs
2 Comments
 
LVL 33

Accepted Solution

by:
Dave Howe earned 500 total points
ID: 24829785
As far as I know. PIX can't do TLS Reverse Proxy. All you can do is NAT/PAT the inbound connection to the secure port on the inside server.
0
 

Author Closing Comment

by:wbathurs
ID: 31602380
No good suggestions around the issue
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

This article will cover setting up redundant ISPs for outbound connectivity on an ASA 5510 (although the same should work on the 5520s and up as well).  It’s important to note that this covers outbound connectivity only.  The ASA does not have built…
#SSL #TLS #Citrix #HTTPS #PKI #Compliance #Certificate #Encryption #StoreFront #Web Interface #Citrix XenApp
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now