garyoh
asked on
IPhone, barracuda spam firewall, and exchange 2010
I've had my Exchange 2010 working fine with the iPhones but too much spam so we got a Barracuda Spam firewall 100. Configured it per directions but now iPhones don't work.
I thought i'd reconfig the Cisco PIX to point inbound port 25 to the Barracuda. Cannot get that to work.
Config like this on Cisco:
PIX Version 6.3(5)
...
access-list inbound permit tcp any host xx.xx.xx.123 eq smtp
...
static (inside,outside) xx.xx.xx.123 192.168.1.7 netmask 255.255.255.255 0 0
Barracuda is at 192.168.1.8
I thought i'd reconfig the Cisco PIX to point inbound port 25 to the Barracuda. Cannot get that to work.
Config like this on Cisco:
PIX Version 6.3(5)
...
access-list inbound permit tcp any host xx.xx.xx.123 eq smtp
...
static (inside,outside) xx.xx.xx.123 192.168.1.7 netmask 255.255.255.255 0 0
Barracuda is at 192.168.1.8
Are the iPhones using activesync? If they are it doesn't use port 25 so the Barracuda shouldn't bother them.
ASKER
They are using active sync. I originally pointed the NAT to take xx.xx.xx.123 to the barracuda's 192.168.1.8 address which is interrupting the whole deal. That's when I realized i have to do port redirection but mx points to the public xx.xx.xx.123 address (along with autodiscover, etc.) so I'd like to change the PIX to just send all port 25 to the .barracuda but I cannot get this to work. I want tl allow SMTP on ip 123 but have it go to internal address 8. I cannot seemt o get that to work. Any ideas?
Not really it's been a long time since I've messed with a PIX.
Take a look at this: https://supportforums.cisco.com/thread/228328
Take a look at this: https://supportforums.cisco.com/thread/228328
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Your first idea of using another IP was the best idea. All done. Works great. and used the original as MX 20. Thanks