RE: exchange 2000 behind cisco PIX firewall 506e
- From: "Mike Liddekee" <mliddekee@xxxxxxxxx>
- To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
- Date: Thu, 28 Aug 2003 08:21:19 -0500
It depends on whether you're using access-lists or static conduits.
Access-lists tend to be more secure and are the recommended method from
Cisco is you're running new PIX software versions on your unit. Since
the unit is the new "E" model you're fine. You need to know what ports
you want open to your box. If you want just incoming mail to that box,
you'd have something like this:
static (inside,outside) <outsideIP> <insideIP> netmask 255.255.255.255
0 0
access-group 100 in interface outside
access-list 100 permit tcp any host <outsideIP> eq smtp
This would be the most basic form. Since I don't know you're
configuration I don't know what you already have set up. You should run
either access-lists or conduits, but not both. In my sample, you would
replace <outsideIP> w/ the public ip address assigned to your mail
server and replace <insideIP> w/ the internal LAN ip address of the
server. If you're not familiar w/ the PIX, Cisco's website offers
oodles of references. You need to have a SmartNET contract on that unit
in order to get unrestricted access to everything
Regards,
Mike Liddekee
Network Engineer
Humco Holding Group, Inc.
7400 Alumax Dr.
Texarkana, TX 75501
Ph: (903) 831-7808 ext 697
-----Original Message-----
From: Achmad Mursalin [mailto:ach_m@xxxxxxxxx]
Sent: Wednesday, August 27, 2003 10:46 PM
To: [ExchangeList]
Subject: [exchangelist] exchange 2000 behind cisco PIX firewall 506e
http://www.MSExchange.org/
I have two server DC & Exchange 2000 server, i have new cisco PIX
firewall 506E.
How to configure PIC so that exchange 2000 can secure with port that
used.
thanks.
_____
Do you Yahoo!?
Yahoo! <http://us.rd.yahoo.com/evt=10469/*http:/sitebuilder.yahoo.com>
SiteBuilder - Free, easy-to-use web site design software
------------------------------------------------------ List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist Exchange
Newsletters: http://www.msexchange.org/pages/newsletter.asp Exchange
FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------ Other Internet
Software Marketing Sites: Leading Network Software Directory:
http://www.serverfiles.com No.1 ISA Server Resource Site:
http://www.isaserver.org Windows Security Resource Site:
http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------ You are currently
subscribed to this MSExchange.org Discussion List as:
mliddekee@xxxxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')
Other related posts:
