Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Static NAT
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
Static NAT - 12.Jan.2005 12:22:00 AM
|
|
|
Kerry.Kriegel
Posts: 30
Joined: 17.Sep.2004
From: Racine, Wisconsin
Status: offline
|
I have many IP addresses on my "Outside" NIC for multiple Websites, FTP Servers, etc. All of my domains incoming SMTP point to the same IP address and work just fine for inbound mail. My outbound mail is all NAT'd by ISA to a single IP address that I can not control. Who cares right? Well, with more and more SPAM fighters doing Reverse DNS lookups, I do. I can make my RDNS PTR match my domains mx a record, but now that means all of my clients web browsing AND all of my SMTP traffic is on the same IP.
I would like to be able to static NAT my inside mail server to a specific outside IP address.
|
|
|
|
RE: Static NAT - 26.Jan.2005 5:21:00 PM
|
|
|
zheka
Posts: 1
Joined: 3.Oct.2003
Status: offline
|
hi,
i am facing the same problem. have you found a workaround by any chance?
|
|
|
|
|
RE: Static NAT - 28.Jan.2005 2:42:00 AM
|
|
|
tshinder
Posts: 47439
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi GD,
There is a workaround, but you'll need public addresses on the host you want to map to.
HTH,
Tom
|
|
|
|
|
RE: Static NAT - 2.Feb.2005 11:08:00 PM
|
|
|
sasa.rasovic
Posts: 4
Joined: 2.Feb.2005
Status: offline
|
Will you please explain how this workaround works?
I assume you think of making a separate network object (for example DMZ) with public IP addresses of those machines, and then make a network rule to route instead of NAT communication. Am I right?
Sasa
[ February 02, 2005, 11:24 PM: Message edited by: sasa.rasovic ]
|
|
|
|
|
RE: Static NAT - 18.Feb.2005 5:08:00 AM
|
|
|
mayday175
Posts: 2
Joined: 2.Feb.2005
Status: offline
|
This thread seems to have ended prematurley... What was the workaround?!?
|
|
|
|
|
RE: Static NAT - 16.Jul.2005 9:37:00 PM
|
|
|
liddlem
Posts: 4
Joined: 16.Jul.2005
From: Mildura Australia
Status: offline
|
I have this exact issue and would also like to know what the workaround was
|
|
|
|
|
RE: Static NAT - 16.Jul.2005 11:08:00 PM
|
|
|
isawader
Posts: 420
Joined: 27.Apr.2005
Status: offline
|
quote:
What was the workaround?!?
There are two work arounds!
The first one is already explained by the original poster. If your emails are getting whacked by remote email servers performing reverse DNS lookups, you can bind the IP number of your emails server (the one on the MX record) as the primary IP number on ISA's external NIC. Now your email server's IP number will be properly resolved (RDNS) by the remote SMTP server. The disadvantage (or inconvenience), as the original poster explained, is that any outbound traffic will use your email server's IP number as source. For various reasons, you may want to avoid this setup.
The second approach, which Tom briefly mentioned, involves new External or DMZ Network. You supposed to move your mail relay to this Network and assign the public IP of the MX record to your email server. You should then create an access rule allowing your mail relay to send emails to External Network. You should take the second approach with the grain of salt. I haven't done this myself. I am just repeating what others have posted in this forum. One of these days when I have time, I will test this out in my lab network.
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
![[Frown]](/image/smiles/frown.gif)
