To configure MS-Exchange connectivity through a PIX Firewall, perform the following steps:

1. Create the static translation for the MS-Exchange server inside address so it can be seen by its public routable address from the outside. Traffic received by the PIX on the outside address of the MS-Exchange server is translated by the PIX and passed to the inside network.
2. Create an Access Control List (ACL) on the PIX to allow all devices (or a specific machine) on the outside to access the MS-Exchange server. The MS-Exchange server uses ports 135, 137, 138, and 139.
3. Apply the ACL to the outside interface in the inbound direction.

The following is an example configuration:

static (inside,outside) 64.1.1.1 10.1.1.1
!---This creates the static entry.
 !---Map the inside address of 10.1.1.1 to the public address of 64.1.1.1.

access-list 101 permit tcp any host 64.1.1.1 eq 139
access-list 101 permit tcp any host 64.1.1.1 eq 135
!--- Access-list 101 permits TCP traffic from any device to host 64.1.1.1.
 !--- This is the outside address of the Exchange server ports 139 and 135.
access-list 101 permit udp any host 64.1.1.1 eq 137
access-list 101 permit udp any host 64.1.1.1 eq 138
!--- Access-list 101 permits UDP traffic from any device to host 64.1.1.1.
 !--- This is the outside address of the Exchange server ports 137 and 138.

access-group 101 in interface outside
!---Apply the access-list to the outside interface.

Tags:accesses, acl, asa, configuration, configure, connection, create, firewall, hosts, interface, listing, machine, network, networking, pix, port, ports, server, servers, traffic

Liked this article? To continue getting our latest free Howtos and Tutorials,
you can also grab the RSS feed or Subscribe to Techgurulive by Email

Not Getting

Related posts

How to Configure HP BladeSystem Onboard Administrator Network Settings

How to access a webserver from outside with a single live IP