[IMGate] Re: Any PIX aces here?

[Len Conrad]

to repeat more clearly, we want the (PIX) firewall to do:

1. Internet access to an Imail-IP port 25 will be redirected to that 
Imail-IP port 587.

2. Internet access to an Imail-IP port 587 will be allowed/pass-thru 
to that Imail-IP port 587.


Net results:

1.  Internet will have no access to any Imail-IP port 25.

2.  All Internet access to Imail SMTP service will be choke-pointed 
to Imail port 587, where msg submission requires SMTP AUTH.

===

Cisco told our PIX guy over the weekend :

it appears that the PIX does not allow more than one outside port 
(25, 587) to redirect to the same inside port (Imail 587).  Either 
port 25 on the redirects to inside port 587, or outside port 587 goes 
to port 587, but not both.

Do any of you PIX admins have a way around this?

Thanks
Len

[IMGate] Re: Any PIX aces here?

[Gerry]

to repeat more clearly, we want the (PIX) firewall to do:

1. Internet access to an Imail-IP port 25 will be redirected to that 
Imail-IP port 587.

2. Internet access to an Imail-IP port 587 will be allowed/pass-thru 
to that Imail-IP port 587.


Net results:

1.  Internet will have no access to any Imail-IP port 25.

2.  All Internet access to Imail SMTP service will be choke-pointed 
to Imail port 587, where msg submission requires SMTP AUTH.

===

Cisco told our PIX guy over the weekend :

it appears that the PIX does not allow more than one outside port 
(25, 587) to redirect to the same inside port (Imail 587).  Either 
port 25 on the redirects to inside port 587, or outside port 587 goes 
to port 587, but not both.

Do any of you PIX admins have a way around this?

Thanks
Len

Yes, Define another address on the IMail box and direct your second port there.
Had the exact same problem with my firewall.

Gerry