It depends on whether you're using access-lists or static conduits. Access-lists tend to be more secure and are the recommended method from Cisco is you're running new PIX software versions on your unit. Since the unit is the new "E" model you're fine. You need to know what ports you want open to your box. If you want just incoming mail to that box, you'd have something like this: static (inside,outside) <outsideIP> <insideIP> netmask 255.255.255.255 0 0 access-group 100 in interface outside access-list 100 permit tcp any host <outsideIP> eq smtp This would be the most basic form. Since I don't know you're configuration I don't know what you already have set up. You should run either access-lists or conduits, but not both. In my sample, you would replace <outsideIP> w/ the public ip address assigned to your mail server and replace <insideIP> w/ the internal LAN ip address of the server. If you're not familiar w/ the PIX, Cisco's website offers oodles of references. You need to have a SmartNET contract on that unit in order to get unrestricted access to everything Regards, Mike Liddekee Network Engineer Humco Holding Group, Inc. 7400 Alumax Dr. Texarkana, TX 75501 Ph: (903) 831-7808 ext 697 -----Original Message----- From: Achmad Mursalin [mailto:ach_m@xxxxxxxxx] Sent: Wednesday, August 27, 2003 10:46 PM To: [ExchangeList] Subject: [exchangelist] exchange 2000 behind cisco PIX firewall 506e http://www.MSExchange.org/ I have two server DC & Exchange 2000 server, i have new cisco PIX firewall 506E. How to configure PIC so that exchange 2000 can secure with port that used. thanks. _____ Do you Yahoo!? Yahoo! <http://us.rd.yahoo.com/evt=10469/*http:/sitebuilder.yahoo.com> SiteBuilder - Free, easy-to-use web site design software ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this MSExchange.org Discussion List as: mliddekee@xxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')