[c-nsp] can cisco pix "boomerang" mail traffic?
Gregori Parker
Gregori.Parker at theplatform.com
Tue Sep 9 15:24:48 EDT 2008
Had a similar problem, and dns-doctoring wasn't the right solution (it
might work for you if your resolver is external)
http://www.cisco.com/en/US/products/ps6120/products_configuration_exampl
e09186a00807968d1.shtml
The alternate solution, 'hairpinning', did the job (same link)... just
don't forget the global statement on the outside interface.
HTH
- Gregori
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Rogelio
Sent: Tuesday, September 09, 2008 12:04 PM
To: cisco-nsp at puck.nether.net
Subject: [c-nsp] can cisco pix "boomerang" mail traffic?
Can a Cisco PIX "boomerang" a packet--i.e. route a packet coming from
the internal network that is destined for an Internet host back into
the internal network via NAT?
I ask because I have have email clients pointing to mail.domain.com, and
unless I do a split DNS with my mail A record pointing to a 192 address
inside and an external mail A record pointing to my public IP address,
I'm not quite sure how to do it.
Users using Microsoft Outlook + Exchange don't have a problem getting
their email. But users using other email clients (Thunderbird, Outlook
Express, etc) obviously cannot resolve the host name if they are on the
wrong side of the network. Thunderbird has different identities for
each email account, but that's too much work for some of the users.
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list