How to configure MS-Exchange connectivity through a PIX/ASA
To configure MS-Exchange connectivity through a PIX Firewall, perform the following steps:
1. Create the static translation for the MS-Exchange server inside address so it can be seen by its public routable address from the outside. Traffic received by the PIX on the outside address of the MS-Exchange server is translated by the PIX and passed to the inside network.
2. Create an Access Control List (ACL) on the PIX to allow all devices (or a specific machine) on the outside to access the MS-Exchange server. The MS-Exchange server uses ports 135, 137, 138, and 139.
3. Apply the ACL to the outside interface in the inbound direction.
The following is an example configuration:
static (inside,outside) 64.1.1.1 10.1.1.1 !---This creates the static entry. !---Map the inside address of 10.1.1.1 to the public address of 64.1.1.1. access-list 101 permit tcp any host 64.1.1.1 eq 139 access-list 101 permit tcp any host 64.1.1.1 eq 135 !--- Access-list 101 permits TCP traffic from any device to host 64.1.1.1. !--- This is the outside address of the Exchange server ports 139 and 135. access-list 101 permit udp any host 64.1.1.1 eq 137 access-list 101 permit udp any host 64.1.1.1 eq 138 !--- Access-list 101 permits UDP traffic from any device to host 64.1.1.1. !--- This is the outside address of the Exchange server ports 137 and 138. access-group 101 in interface outside !---Apply the access-list to the outside interface.
Liked this article? To continue getting our latest free Howtos and Tutorials,
you can also grab the RSS feed or Subscribe to Techgurulive by Email
you can also grab the RSS feed or Subscribe to Techgurulive by Email
Not Getting
Related postsHow to Configure HP BladeSystem Onboard Administrator Network Settings
Use DHCP for all Active (or Standby) Onboard Administrator—Get the IP address for the Onboard Administrator from a DHCP server. The Standby checkbox is only shown if there is a...
How to access a webserver from outside with a single live IP
To access a private web server from outside public network, we require live ips, the following diagram shows how to setup the network for accessing the web server. The above...
Use DHCP for all Active (or Standby) Onboard Administrator—Get the IP address for the Onboard Administrator from a DHCP server. The Standby checkbox is only shown if there is a...
To access a private web server from outside public network, we require live ips, the following diagram shows how to setup the network for accessing the web server. The above...
