CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


Tim Hall has done it yet again - That's right, the 3rd edition is here!
You can read his announcement post here.
It's a massive upgrade focusing on current versions, and well worth checking out. -E

 

Results 1 to 5 of 5

Thread: Route Outgoing Mail Traffic to Internal IP Address

  1. #1
    Join Date
    2007-06-28
    Posts
    11
    Rep Power
    0

    Default Route Outgoing Mail Traffic to Internal IP Address

    I have switched over to iPhones for the company and the only issue I have is that when the iPhone is attached to the wireless network the mail with not sync with the Exchange server. The iPhone mail client is set to sync with mail.xxxxx.com. When not attached to the wireless network all is fine.

    The Exchange server is internal to the network and NAT’d to the Internet.
    Can I create a NAT & Policy to allow and route all requests from the internal wireless network going to the external mail server address to the internal IP address instead? I tried the rules below and it did not work:

    NAT
    Original Packet Translated Packet
    Source Destination Service Source Destination Service
    Internal iPhone External Mail https Original Mail Server Original
    IP Server IP Internal IP

    Rule
    Source Destination VPN Service Action
    Internal iPhone External Mail Any Any Accept
    IP Server IP

  2. #2
    Join Date
    2007-06-04
    Posts
    3,314
    Rep Power
    17

    Default Re: Route Outgoing Mail Traffic to Internal IP Address

    Or you could just sort out your DNS so that it resolves to the Internal IP.

    Are you using an Automatic NAT on your Mail Server Object. If you are then do an Automatic Hide NAT on the Wireless Network and it will start to work as it wil combine both NAT's.

    Alternatively you could just sort out your DNS so that internally you resolve the name to it's internal IP address.

  3. #3
    Join Date
    2007-06-28
    Posts
    11
    Rep Power
    0

    Default Re: Route Outgoing Mail Traffic to Internal IP Address

    The Automatic Hide NAT on the wireless network did it! Thank you.

  4. #4
    Join Date
    2007-06-04
    Posts
    3,314
    Rep Power
    17

    Default Re: Route Outgoing Mail Traffic to Internal IP Address

    It will work as when using Automatic NAT then can merge the Automatic Hide NAT of the Wireless Network, with the Static NAT of the Mail Server.

    Whilst this will work, I would look at sorting your DNS out, so that the Internel DNS resolves the Mail Server name to it's internal IP so sends straight to the Mail Server without having to do the Double NAT.

  5. #5
    Join Date
    2007-06-28
    Posts
    11
    Rep Power
    0

    Default Re: Route Outgoing Mail Traffic to Internal IP Address

    Thanks.

    We are in the design phase of replacing / rebuilding our DC & DNS servers. We will have the DNS fixed properly within a few months. Until then this work-a-round in CP is just fine.

    Thank you again for the help.

Similar Threads

  1. Incoming, outgoing, internal traffic
    By Knuto in forum Eventia Analyzer/Reporter/SmartView Reporter
    Replies: 5
    Last Post: 2010-04-08, 07:02
  2. Replies: 4
    Last Post: 2010-02-03, 15:58
  3. VRRP Issue : outgoing traffic not use Virtual IP
    By skipper in forum Clustering (Security Gateway HA and ClusterXL)
    Replies: 3
    Last Post: 2009-12-08, 03:03
  4. I need replace source SMTP domain for all outgoing mail. how?
    By xSl779 in forum Content Security/Security Servers/CVP/UFP
    Replies: 1
    Last Post: 2007-02-12, 11:39
  5. IP address of ClusterXL outgoing traffic
    By bgrenda in forum Clustering (Security Gateway HA and ClusterXL)
    Replies: 11
    Last Post: 2006-11-07, 11:19

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •