Heya Kevin, yeah it's possible to do that but instead of managing two
DNS'es, we only manage 1 DNS resolution.
Thanks for the input :)
Regards,
Rudy
On Sat, Dec 13, 2008 at 6:07 PM, Kevin Horvath <kevin.horvath_at_gmail.com> wrote:
> Since your workstation is on the same internal subnet as the mail
> server why would you try to ping out to the xlated ip? If your on the
> same internal subnet you should be pinging the 10.10.1.2 ip. I guess
> I am missing something?
>
> On Fri, Dec 12, 2008 at 4:17 AM, Rudy Setiawan <rudal_at_online.rudal.com> wrote:
>> Hi,
>>
>> we have a firewall, both outside and inside interfaces.
>> We have a SMTP server that lives in the inside network
>> and it's translated to a public IP on the outside interface.
>> SMTP inside IP: 10.10.1.2
>> Translated IP: 216.15.4.4
>> in the pix (version 7.2.3)
>> static (inside,outside) 216.15.4.4 10.10.1.2 netmask 255.255.255.255
>>
>> I have a workstation with IP 10.10.1.4 which has a translated IP of 216.15.4.6
>> >From my workstation I tried to access 216.15.4.4 port 25 or ping
>> 216.15.4.4. I got request timed out.
>>
>> I have access-list that allows icmp as well as port 25 on the 216.15.4.4 IP.
>> I am able to access port 25 and ping the IP from anywhere in the world.
>>
>> How can I permit such traffic?
>>
>> Thanks,
>> Rudy
>> _______________________________________________
>> firewall-wizards mailing list
>> firewall-wizards_at_listserv.icsalabs.com
>> https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
>>
>
_______________________________________________
firewall-wizards mailing list
firewall-wizards_at_listserv.icsalabs.com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Received on Dec 19 2008
Intro
