[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] POP3 from inside problems
more to Dan's point.... you need to set up "Split DNS". that's where you have a server on the internet giving out your "valid" addresses, and a DNS server on the inside giving out your internal addresses. your internal clients would get those DNS settings via DHCP (i hope!), and the external clients would get thiers from their ISP. either way, if it's external it will be resolved by the external DNS server to the "valid" ip address. you would then config every client to connect to mail.whatever.com. Look on Yahoo, Google, etc for "Split DNS". I'm sure you'll find something that'll explain it better than I did. http://www.acmebw.com/askmr.htm is always a Great resource for DNS questions. HTH, Dave O. -----Original Message----- From: Dan Hitchcock [mailto:[email protected]] Sent: Wednesday, April 25, 2001 4:19 AM To: 'Martin Flagg'; '[email protected]' Subject: RE: [FW1] POP3 from inside problems True true true :) I have never heard a completely satisfying answer for this, but my empirical experience, you cannot access a server by "bouncing off" the external IP address and back in. I've tried with PIX, CP4.x, and Watchguard, all with the same results. The answer is usually to set up internal DNS for the machines you need to access, and educate users accordingly. If anyone has an explanation (or, better yet, a solution) to this conundrum, please post. A thought: if you disable anti-spoofing, does it work? Dan Hitchcock Network [email protected] Xylo, Inc. The work/life solution for corporate thought leaders -----Original Message----- From: Martin Flagg [mailto:[email protected]] Sent: Monday, January 15, 2001 2:29 PM To: '[email protected]' Subject: [FW1] POP3 from inside problems I have an Exchange 5.5 server on a private NATed network. It send and recieves SMTP mail fine. POP3 clients from the outside work fine. When users from the inside use the "valid" IP address for the server they cannot connect with their POP clients to the Exchange server. Martin D. Flagg Sr. Systems Engineer ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|