How to open port 25 on Sonicwall Firewall fpr Microsoft exchange incoming/outgoin

Mojojiju
Mojojiju used Ask the Experts™
on
I am in the process of using our Microsoft Exchange server with a domain I purchased from Godaddy.com. I need to know how to allow port 25 to be open for traffic incoming and outgoing to our server's IP.

I am not very experienced with networking or firewalls so please if you can help give me simple easy to understand instructions.

Thanks!
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Login to firewall select the Firewall tab on the lefthand side
Select add and see attached sonic.bmp for incoming mail and
sonic2.bmp for out going mail.
Change the 192.168.0.x to the internal ip of your exchange server.
sonic.bmp
sonic2.bmp
There is an error in the first image the service should be Send E-Mail (SMTP).
Success in ‘20 With a Profitable Pricing Strategy

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Author

Commented:
Thanks guys! Had some other issues blow up at work today so I haven't had a chance to look at this just yet. Please don't forget about me. I will respond with feedback ASAP.

Author

Commented:
Tallafornia,

I have set the rules up for incoming and outgoing as you instructed. I spoke with AT&T (my ISP) and they said port 25 is always open on their end for business customers. So I assume that the port is open on the router too.

However when I try and probe port 25, it says it is running in stealth mode; reference https://www.grc.com/x/ne.dll?bh0bkyd2. Do I need to setup any other rules?
With the 2 rules added you should be able to send and receive email to and form the IP address you entered in the firewall. Have you checked SMTP is running on the server by using Telnet 192.168.0.x 25 to connect to the server. To check from an external source "Telnet Public IP ADDRESS 25".
Have you added the Domain in question to the Exchange server to allow it to accept for that Domain.

Author

Commented:
My Internal IP (server IP) is 74.188.91.50. If I open a command prompt and type: telnet 74.188.91.50 25

Then I get a Could not open connection to the host, Port 25 connection failed...

Now my modem/router (Netopia) provided by At&t has an IP of 74.188.91.49 and if I do the same telnet 74.188.91.49 25 then the command prompt goes blank and nothing pops up for several minutes.

I am checking these both from a client computer connected to the server internally. Do I need to check this from outside the local network?

Yes I used the connect to internet wizard and added my domain as the default.

I am at a dead end. I also have an open question on the domain part and I am stuck on the MX records.

thanks for any help you can provide.

Vance

Commented:
So, you have the sonicwall between the router and the exchange server? what is the ip of the Wan port for the sonicwall?

Author

Commented:
I have attached a screenshot of the firewall settings. Does this help?

thanks,
Sonicwall-add-rule-settings.doc
The Sonicwall is on 192.168.111.x network. The ip address above 74.188.91.50 is a public IP. When you surf to www.whatismyip.com it should display one of the address above, This should be the address assigned to the Wan port of the Sonicwall. What is the ip address of your mail server on the Lan, as this should be the ip address entered in the Sonicwall see the example above.

Commented:
If you do an ipconfig, what is your default gateway?
Commented:
You only have to create the incoming firewall rule.  I've attached a screenshot that shows the settings.
Your outgoing is already allowed so you just need to create the incoming rule.

Here's an explanation of the screenshot.
Allow traffic that matches the following criteria.
Service (SMTP) defines the port used.
Source defines the interface that the SonicWall is looking for the traffic to come from.  Since you've got email servers outside your network that are trying to communicate with the server on the inside, the source is the WAN interface.
Destination defines where traffic that matches the above conditions should be routed/forwarded.  You want SMTP traffic to be directed to your server (on the LAN interface).  You will need to enter the IP of your server here.  Ran IPCONFIG on your server to get the IP or look at TCP/IP properties for your NIC.
screenshot.bmp

Author

Commented:
Thank you this fixes everything!

Author

Commented:
I have been pulling my hair out trying to setup Microsoft Exchange on my server and after a week of effort on Citacomp's part, I have my Exchange server working properly.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial