----- Original Message ----- From: "Len Conrad" <[EMAIL PROTECTED]>
> The following stuff is dead-simple in FreeBSD/ipfilter, but seems to > be complex in PIX. > > Because the design (no matter which brand of packet filter) applies > to all IMGate/Imail 8.2x sites and will be explained later, please > try to help with PIX syntax. > > Here are the pseudo-rules to be implemented in PIX syntax: > > 1. allow from any-IP to Imail-IP port 587 tcp access-list OUTSIDE permit tcp any host xxx.xxx.xxx.xxx eq 587 > ... is just opening PIX to allow Internet access to Imail port 587 > (just like opening for port 25) yep > 2. redirect from any-ip to Imail-IP port 25 => Imail-IP port 587 > > ... redirect access to Imail port 25 to port 587 static (inside,outside) tcp xxx.xxx.xxx.xxx smtp xxx.xxx.xxx.xxx 587 netmask 255.255.255.255 0 0 > Does PIX support the above and have you done it? yep Bill
