RE: exchange 2000 behind cisco PIX firewall 506e

  • From: "Mike Liddekee" <mliddekee@xxxxxxxxx>
  • To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
  • Date: Thu, 28 Aug 2003 08:21:19 -0500

It depends on whether you're using access-lists or static conduits.
Access-lists tend to be more secure and are the recommended method from
Cisco is you're running new PIX software versions on your unit.  Since
the unit is the new "E" model you're fine.  You need to know what ports
you want open to your box.  If you want just incoming mail to that box,
you'd have something like this:


static (inside,outside) <outsideIP>  <insideIP> netmask
0 0

access-group 100 in interface outside

access-list 100 permit tcp any host <outsideIP> eq smtp


This would be the most basic form.  Since I don't know you're
configuration I don't know what you already have set up.  You should run
either access-lists or conduits, but not both.  In my sample, you would
replace <outsideIP> w/ the public ip address assigned to your mail
server and replace <insideIP> w/ the internal LAN ip address of the
server.  If you're not familiar w/ the PIX, Cisco's website offers
oodles of references.  You need to have a SmartNET contract on that unit
in order to get unrestricted access to everything




Mike Liddekee

Network Engineer


Humco Holding Group, Inc.

7400 Alumax Dr. 

Texarkana, TX  75501

Ph:  (903) 831-7808 ext 697


-----Original Message-----
From: Achmad Mursalin [mailto:ach_m@xxxxxxxxx] 
Sent: Wednesday, August 27, 2003 10:46 PM
To: [ExchangeList]
Subject: [exchangelist] exchange 2000 behind cisco PIX firewall 506e 

I have two server DC & Exchange 2000 server, i have new cisco PIX
firewall 506E.

How to configure PIC so that exchange 2000 can secure with port that



Do you Yahoo!?
Yahoo! <*http:/>
SiteBuilder - Free, easy-to-use web site design software
------------------------------------------------------ List Archives: Exchange
Newsletters: Exchange
------------------------------------------------------ Other Internet
Software Marketing Sites: Leading Network Software Directory: No.1 ISA Server Resource Site: Windows Security Resource Site: Network Security Library: Windows 2000/NT Fax Solutions:
------------------------------------------------------ You are currently
subscribed to this Discussion List as:
mliddekee@xxxxxxxxx To unsubscribe send a blank email to

Other related posts: