Solved

HELO Response Sending Wrong IP Address

Posted on 2010-08-24
6
1,494 Views
Last Modified: 2013-11-16
For some reason when I send email, fresh install of Exchange Server 2007 on Virtual Win03, my HELO response is giving the address of my firewall's WAN port rather than the NAT assigned external IP of the email server.  I can't find the problem anywhere on the SonicWall 2040 firewall nor in the Exchange settings.  

There is another in progress thread that might help.  If any additional info is needed please let me know as I will provide whatever is needed to help resolve this issue.
http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_26426284.html#a33517107
0
Comment
Question by:jb1023
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 
LVL 24

Expert Comment

by:B H
ID: 33517279
this isn't an exchange setting, it's purely in the sonicwall.  you need to set up the back half of the one-to-one nat entry, i'll find some steps, one min
0
 
LVL 24

Accepted Solution

by:
B H earned 70 total points
ID: 33517306
oh look, it's right here already:
http://www.experts-exchange.com/Hardware/Networking_Hardware/Firewalls/Q_24166778.html

ctsy of dpk_wal:
Just to verify if you have entered all the setting correctly:
1. In Network > One-to-One NAT page.
2. Select the Enable One-to-One NAT check box.
3. Click Add. Entered 192.1.1.5 IP address [private address of server].
4. Entered 1.2.3.5 IP address [public address of server].
5. Entered 3.
6. Clicked OK; clicked Apply.

For access rule:
Click Firewall, then Access Rules.
Click Add.
Configure the following settings:
" Allow
" Service - HTTP
" Source - WAN
" Destination - LAN 192.1.1.5

Please note indicating WAN/LAN is important.

Please check and update.
0
 
LVL 24

Expert Comment

by:B H
ID: 33517311
you already have rules that say, "when traffic comes in looking for exchange, send em inward to this inside address"

what you're missing is, "when the internal address of the exchange server leaves me, make it look like it's this other wan ip address"
0
Defend Your Organization from The Greatest Threats

Looking to fill the gaps in your security? Bring together information from the network, endpoint and threat intelligence feeds to really see what's happening in your organization. Join the WatchGuardians in their adventures fighting cyber crime!

 
LVL 24

Expert Comment

by:B H
ID: 33517326
obviously, make sure you're dealing with the correct outside ip address when adding the info above...

find out for SURE what your mx record points to (the external ip of your mail server).  

that ip will need to have the exchange service ports that you use, forwarded to it... and the router will want to spoof that internal ip address to the correct outside ip address.
0
 
LVL 33

Assisted Solution

by:digitap
digitap earned 55 total points
ID: 33518080
If you are running the 2040, then you're probably running the enhanced os.  if so, you won't find the one-to-one nat under network.  what i'd recommend is to delete the current firewall access rules and nat policies.  even delete the address objects.  create an service group under Firewall > Services and assign all the service ojects required for your email server.  then, run the public server wizard selecting the service group you created.  the wizard will create all the address objects, firewall rules and nat policies.  this will complete the nat rules bryon spoke of.
0
 
LVL 33

Expert Comment

by:digitap
ID: 33522791
Thanks for the points and glad we could help.
0

Featured Post

Defend Your Organization from The Greatest Threats

Looking to fill the gaps in your security? Bring together information from the network, endpoint and threat intelligence feeds to really see what's happening in your organization. Join the WatchGuardians in their adventures fighting cyber crime!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Utilizing an array to gracefully append to a list of EmailAddresses
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the adminiā€¦

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question