Question : Problem accessing global IPs that are local servers within the optional port of my Firebox

I would like to connect to one of my mail servers which is located on the optional port of my Firebox III device.

Basically the optional port has a range of 170.10.10.0/24. The email server is at IP 170.10.10.100

If I connect to this mail server from outside, I use, let's say, a global IP of 122.120.120.120.

So globally my domain name mail.mydomain.com points to 122.120.120.120. So everything works just fine and dandy. However, here is the problem I am coming across.

On the PCs at my office, which are running on the trusted port with a network range of 192.168.0.0/24, the only way I can connect to this mail server is by connecting directly to 170.10.10.100. Everything works great. But I would like to know why I cannot connect to 122.120.120.120.

Since the PCs are local on the Trusted network, if I set the mail host address in Outlook to mail.mydomain.com, it gets the global IP of 122.120.120.120 but then it doesn't allow the connection. The only workaround I have found is to put a local A record in the AD server to point mail.mydomain.com to 170.10.10.100; then, if the mail client uses the alias name mail.mydomain.com, there is no problem.

This just becomes a bit of a hassle when I have a lot of different domains pointing to global IPs that the firewall somehow does not know what to do with.

Did I configure something wrong on the firebox? Is there an additional step I need to do that I did not do?

I hope someone can help me with this problem.

Thank you!

Answer : Problem accessing global IPs that are local servers within the optional port of my Firebox

Okay. I have solved this problem by trial and error. And I thought I would update this question with my solution. Here it goes:

Basically, when the server at 172.16.16.16 tried to access my other internal server, which is located at 172.16.16.17, it would get the global IP address of that server, because the server 172.16.16.16 was using an outside DNS server, since it was a live global server. However, the Firebox didn't know what to do with the global IP because the request was coming from behind the firewall. All that needs to be done is to add a rule to your Firebox. For this example I was trying to get my Linux server's sendmail to send email to my Exchange email server.
I added an SMTP rule:

Incoming FROM 172.16.16.16 TO (using NAT) GLOBAL IP 202.XXX.XXX.XXX -> 172.16.16.18.
Outgoing FROM 172.16.16.18 TO 172.16.16.16.

This fixed the problem. However, there was another issue because of the Exchange server. This is not related to this problem, but basically you will need to allow the Exchange server to act as a relay. Go into the Exchange server settings, go into the properties of that server, and allow the Exchange server to act as a relay for the server IP of 172.16.16.16.

Then everything will work fine.
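The behaviour the thread describes is often called hairpin (or loopback) NAT: an inside host resolves the public name, gets the public address, and sends the packet to the firewall, but the only translation rule is bound to the External interface, so a packet arriving on Trusted matches nothing and is dropped. The following Python model is an added illustration, not part of the original thread and not WatchGuard policy syntax. It assumes a simple policy table keyed on ingress interface, source network, destination and port; the 172.16.16.x addresses come from the answer, while 203.0.113.10 (TEST-NET-3) stands in for the redacted 202.XXX.XXX.XXX public IP and 198.51.100.7 and 172.16.16.50 are constructed hosts.

```python
"""Model of why an inside host that resolves the public address of a
neighbouring server is dropped, and what the added hairpin rule changes.

Constructed example: not Firebox configuration syntax. Addresses other than
the 172.16.16.x hosts named in the post are invented for the illustration.
"""
import ipaddress
from dataclasses import dataclass, field
from typing import Optional

SMTP = 25
ANY_NET = ipaddress.ip_network("0.0.0.0/0")
INSIDE_NET = ipaddress.ip_network("172.16.16.0/24")

LINUX_SENDMAIL = ipaddress.ip_address("172.16.16.16")   # inside client (from the post)
EXCHANGE_INSIDE = ipaddress.ip_address("172.16.16.18")  # real server address (from the post)
EXCHANGE_PUBLIC = ipaddress.ip_address("203.0.113.10")  # constructed stand-in for 202.XXX.XXX.XXX
OUTSIDE_SENDER = ipaddress.ip_address("198.51.100.7")   # constructed Internet host
OTHER_INSIDE_HOST = ipaddress.ip_address("172.16.16.50")  # constructed inside host not in the rule


@dataclass
class Policy:
    """Traffic arriving on `from_iface`, from `src_net`, to `dst_ip`:`port` is
    allowed; when `translate_to` is set the destination is rewritten (static NAT)."""
    from_iface: str
    src_net: ipaddress.IPv4Network
    dst_ip: ipaddress.IPv4Address
    port: int
    translate_to: Optional[ipaddress.IPv4Address] = None


@dataclass
class Firewall:
    policies: list = field(default_factory=list)

    def deliver(self, iface, src, dst, port):
        """Return the address the packet is actually delivered to, or None if
        no policy matches (the firewall drops it)."""
        for p in self.policies:
            if (p.from_iface == iface and src in p.src_net
                    and dst == p.dst_ip and port == p.port):
                return p.translate_to or dst
        return None


def baseline_firewall():
    """Only the original inbound rule: Internet -> public IP -> Exchange.
    It is bound to the External interface, so inside traffic never matches."""
    fw = Firewall()
    fw.policies.append(Policy("external", ANY_NET, EXCHANGE_PUBLIC, SMTP, EXCHANGE_INSIDE))
    return fw


def hairpin_firewall():
    """The answer's fix: a second SMTP policy that translates the public IP
    for packets arriving on the inside interface, scoped to the one sender."""
    fw = baseline_firewall()
    sender_only = ipaddress.ip_network(f"{LINUX_SENDMAIL}/32")
    fw.policies.append(Policy("trusted", sender_only, EXCHANGE_PUBLIC, SMTP, EXCHANGE_INSIDE))
    return fw


if __name__ == "__main__":
    for label, fw in (("baseline", baseline_firewall()), ("with hairpin rule", hairpin_firewall())):
        print(label)
        print("  Internet -> public IP :", fw.deliver("external", OUTSIDE_SENDER, EXCHANGE_PUBLIC, SMTP))
        print("  sendmail -> public IP :", fw.deliver("trusted", LINUX_SENDMAIL, EXCHANGE_PUBLIC, SMTP))
        print("  other host -> public IP:", fw.deliver("trusted", OTHER_INSIDE_HOST, EXCHANGE_PUBLIC, SMTP))
```

Two points the model makes explicit: the baseline drop is a policy miss, not a routing failure, which is why connecting to the private address directly always worked; and the fix as written in the answer is scoped to a single source host, so other inside machines still cannot use the public address until they get their own rule or a split-DNS A record. Scoping the translation rule to the hosts that need it is the least-privilege choice when the alternative is opening the public address to the whole trusted segment.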