Re: Unable to reach POP server
From: Phillip Windell (_at_.)
Date: 09/08/04
- Next message: Phillip Windell: "Re: NTP/W32Time Service, Event ID 50"
- Previous message: Aleksandr Khvatov: "DNS Settings"
- In reply to: Bryan Linton: "Re: Unable to reach POP server"
- Next in thread: Bryan Linton: "Re: Unable to reach POP server"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 8 Sep 2004 15:56:30 -0500
"Bryan Linton" <blinton@nospam.connellinsurance.com> wrote in message
news:O7AqrCelEHA.1936@TK2MSFTNGP12.phx.gbl...
> Thanks Mike. I have actually already set up a rule to redirect all WAN
> traffic on TCP port 110 to the internal IP of our mail server.
> Unfortunately, the 1:1 NAT will not let it work, since the NAT
automatically
Get rid of the 1:1 NAT. It's that simple. You can't use it. You need a
*different* IP# being used on the internal side for POP3 than what you use
for SMTP. You can't use 1:1 NAT for this. You need the Firewall to send
SMTP traffic to one internal IP# while sending the POP3 traffic to a
different internal IP#.
This is exactly what we do here using GFI's MailEssentials on one machine
running IIS/SMTP while our Exchange2000 runs on a different machine.
Incomming SMTP is sent to the GFI's MailEssentials while incomming POP3 is
sent directly to Exchange. We do this with only one IP# on the external
side of the Firewall. We actualy have 32 addresses, but we don't bind them
to the Firewall,...the Firewall is not our only externally exposed device.
> Once we're on exchange, this won't be nearly as big of an issue, since
> outlook clients don't send or receive mail on port 25, iirc. But we're
not
> there yet, and it'd be nice to get this working in the meantime.
That won't save you. It is an even Bigger issue because communicating as an
Exchange Client is a lot more complicated than the simple way the POP3/SMTP
operates. When users are outside the system they should use SMTP/POP3.
Running Outlook as a regular Exchange client is great when inside on the LAN
when there is "gobs" of bandwidth,...but it is not designed for a slow WAN
link. Our Laptops all run Outlook as a regular Exchange Client and they can
*not* use it when outside the building. When they are outside the building
they use Outlook Web Access instead via their web browser which is
specifically designed to use over the Internet with a slow WAN (or dialup)
link. I'm not saying there aren't ways to run MAPI over the Internet, I'm
just recommending that you don't.
-- Phillip Windell [MCP, MVP, CCNA] www.wandtv.com
- Next message: Phillip Windell: "Re: NTP/W32Time Service, Event ID 50"
- Previous message: Aleksandr Khvatov: "DNS Settings"
- In reply to: Bryan Linton: "Re: Unable to reach POP server"
- Next in thread: Bryan Linton: "Re: Unable to reach POP server"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
