Hi,
I have a Sophos UTM which is replacing a TMG server. The UTM is configured with 2 interfaces:
Internal:
Inet addr: 192.168.0.1/24
There is a machine on the internal network 192.168.1.31/24 with default gateway 192.168.1.254.
I have a static route on the UTM 192.168.1.0/24 goes through 192.168.0.254.
External:
Inet addr: 172.16.0.1/24
Gateway: 172.16.0.254
The machine on 192.168.0.254, 192.168.1.254 and 172.16.0.254 is a third-party firewall device.
I successfully published the Exchange web services by using the web server protection module of the UTM. I have another server dealing with inbound and outbound SMTP traffic on 172.16.0.2/24 using the 172.16.0.254 as default gateway.
I now need to open up port 25 so it goes direct to the Exchange CAS server for Office 365 hybrid integration, as it needs direct access to the CAS SMTP server or another edge server. It is not allowed to have an SMTP gateway intercept the traffic between the Office365 and Exchange CAS server, as it sends specific commands between the servers to validate certificates and that the message is still from an internal source.
I created a NAT rule as follows:
Source: Any
Destination: External (WAN) (Address)
Translation: SMTP server host matching 192.168.1.31
Destination service: SMTP
Automatic firewall rule enabled
When I connect to 172.16.0.1 on port 25 the connection times out. I believe this could be because the default gateway on 192.168.1.31 doesn't touch the UTM, but need clarification on this.
Thanks.
Andrew.
This thread was automatically locked due to age.