07-21-2011 03:24 AM
Hi,
New user of PA Firewall here. I noticed that when we send out emails, the recipient is seeing that the email comes from the public IP which is assigned to the external interface of our PA firewall. Before moving to PA, we can see the public IP NATed to our email server. Is there any configuration we missed? Or is this how it should be?
Appreciate your help. Thanks!
07-21-2011 05:45 AM
Hi, were you using Check Point automatic NAT previously?
I've seen a couple of similar issues before - these were resolved by inserting an additional NAT rule just before the NAT rule that is catching your outbound SMTP traffic at the moment. The new NAT rule can then translate just your outbound email server traffic to have the the required source address.
Regards,
Dave
07-21-2011 07:32 PM
Hi Dave,
Thanks for your reply.
Previously we were using Watchguard. I am a bit confused with your recommendation (insert a NAT rule before the Mail Server NAT). What would be the rule's content? Sorry for the bummer question...
07-22-2011 01:15 AM
Hello,
Source IP: YourMailServer
DestinationIP: Any
Source Translation
IP Type: ip-static
Translated address : PublicIPAddressYouWant
Bidirectional: yes
Destination translation: none
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
