Firewall Wizards mailing list archives

Re: Exchange 2000 and SonicWALL

From: "Volker Tanger" <volker.tanger () discon de>
Date: Mon, 25 Feb 2002 09:00:34 +0100

Greetings!

Alex Randjelovic wrote:

Ho do I setup Exchange 2000 server with SonicWALL (DMZ or local, IP, address mapping)?


I'm not familiar with MSX-2000, but here the settings needed for MSX-5.5:

If you run it POP3/SMTP configuration only:
        - works with either NAT (i.e. Masquerading) or Basic
          (i.e. Bridging) mode
        - allow POP3 & SMTP from LAN to MSX
        - why did you choose MSX then - and not a real mailserver
          (okay, I'm biased, I confess...)


If you want full MSX functionality
        - won't work in NAT mode
        - allow NBT (UDP/137-138, TCP/139) from LAN to MSX
        - allow MS-RPC (TCP/135) from LAN to MSX
        - allow RPC-Reply (i.e. ANY !) from MSX to LAN

The last rule is why you won't want to place a MSX server into a DMZ -because you get no additional protection from it.


Bye
        Volker
--

-------------------------------------------------------------------
volker.tanger () discon de                                 discon GmbH
IT-Security Consulting                           Wrangelstrasse 100
http://www.discon.de/                         10997 Berlin, Germany
-------------------------------------------------------------------
PGP-Fingerprint: 5323 a4f7 a7c2 b8ef 4653 05ce d2ea 2b74  b94c c68e


_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards

Current thread:

Exchange 2000 and SonicWALL Alex Randjelovic (Feb 23)
- Re: Exchange 2000 and SonicWALL Volker Tanger (Feb 25)
- <Possible follow-ups>
- Re: Exchange 2000 and SonicWALL Tony Howlett (Feb 24)
- RE: Exchange 2000 and SonicWALL Frank Knobbe (Feb 25)
- RE: Exchange 2000 and SonicWALL Frank Knobbe (Feb 25)