fuzzyfreak
asked on
Changed default gateway to Sonic Wall now not receiving e-mail
I have just installed a Sonic Wall firewall which has port 25 open (amongst others) and it has the ip 10.0.0.102. I have changed the DG on the NIC and also run the Connect to the Internet wizard (though it failed on e-mail).
I can browse OK but not receiving e-mail. Is there something I need to do on Exchange now that I have changed my DG?
I can browse OK but not receiving e-mail. Is there something I need to do on Exchange now that I have changed my DG?
ASKER
All I have open are the exact same ports on this firewall as I did on the router firewall I replaced it with so I doubt this is a port issue.
Make sure on your sonic wall firewall port forwarding point to your exchange server.
If on exchange server your default gateway not pointing to your router or firewall this will facing the issue for mail sending or receiveing for more info refer below link :
http://theessentialexchange.com/blogs/michael/archive/2008/04/09/default-gateways-and-exchange-server.aspx
If on exchange server your default gateway not pointing to your router or firewall this will facing the issue for mail sending or receiveing for more info refer below link :
http://theessentialexchange.com/blogs/michael/archive/2008/04/09/default-gateways-and-exchange-server.aspx
it seems your exchange server previously running over public ip connected to your server ..
what ever the existing publice ip binded to your Mx record...
i.e mail.com 112.1.1.1
if the sonicwall assigned the same ip then all the mail traffic will routed to sonicwall then
you have to make a natting policy from sonicwall - point to your server with pop3 smtp ports
then only the traffic will move..if sonicwall ip and mx is not same then configure a port with thos ip (on wan interface) and do the natting...
the conclusion is your mail server should reach to internet using your mx record and a host record..
all the best
what ever the existing publice ip binded to your Mx record...
i.e mail.com 112.1.1.1
if the sonicwall assigned the same ip then all the mail traffic will routed to sonicwall then
you have to make a natting policy from sonicwall - point to your server with pop3 smtp ports
then only the traffic will move..if sonicwall ip and mx is not same then configure a port with thos ip (on wan interface) and do the natting...
the conclusion is your mail server should reach to internet using your mx record and a host record..
all the best
Try deleting the current smtp rule and run the wizard on the SonicWall to add in the access rules for an email server and direct this into the Exchange server.
For testing purposes allow all external traffic into the Exchange on prt 25.
Then from a computer external to the network telnet the external IP address of the Sonicwall on port 25
telnet 1.1.1.1 25
You should get a response from your Exchange to confirm connectivity.
Also check the priority of the firewall rules in case another mail rule is taking priority.
What Firewall did you use before?....
For testing purposes allow all external traffic into the Exchange on prt 25.
Then from a computer external to the network telnet the external IP address of the Sonicwall on port 25
telnet 1.1.1.1 25
You should get a response from your Exchange to confirm connectivity.
Also check the priority of the firewall rules in case another mail rule is taking priority.
What Firewall did you use before?....
ASKER
Hi guys, finding it difficult to understand your responses.
@Sushil - as I say, port 25 is open on both devices but I have also switched off firewall on the router.
@Shaiksaj - I don't appear to have an MX record, please remind me where it should be located - is this the problem?
@Sushil - as I say, port 25 is open on both devices but I have also switched off firewall on the router.
@Shaiksaj - I don't appear to have an MX record, please remind me where it should be located - is this the problem?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Sonicwall provided me with the answer
If you client wants to receive Email, it goes to server port 143 for imap, 110 for pop3, 993 for simap, 995 for spop3 (the ones with s are encrypted), so depending on which protocol you use on where the firewall is positioned (between client and server or just for connections from outside?), you must allow some more ports.