Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Mail and webserver issues under XGS136W

Hi community 

Please i have this issue for our customers, we migrated from UTM9 under SG135 series to new series XGS136W

before we start you can find current configuration.

  • Appliance are connected to ISP Modem (Router) via port 2(WAN)
  • Port 1 is connected to LAN, no DMZ configured.
  • Customer App embedded in Webserver wish can be access via a domain name outside LAN.
  • Server containing Microsoft Exchange 2013 for mails.
  • Server for AD and DC.

I used the following configurations:

  • Creating DNAT for webserver on the top(Rule 1)
  • Creating DNAT for Exchange server (Rule 2)
  • Using sophos MTA for mail agent

Bellow the issues:

In configuration above, users can access webserver outside LAN without any issue, but they can't send or receive emails. (emails works fine when they are connecting locally)

When changing DNAT order webserver become inaccessible while emails works fine.

Any suggestions?



This thread was automatically locked due to age.
Parents
  • Hi All

    Problem solved;

    For web APP, HTTP/HTTPS services can’t be putted on a single NAT rule, since customer didn’t have SSL certificate we used HTTP, elsewhere we could use HTTPS.

    For Emmanuel, even if we use MTA, is obligatory to use DNAT for Exchange 2013.

    Thank you.

Reply
  • Hi All

    Problem solved;

    For web APP, HTTP/HTTPS services can’t be putted on a single NAT rule, since customer didn’t have SSL certificate we used HTTP, elsewhere we could use HTTPS.

    For Emmanuel, even if we use MTA, is obligatory to use DNAT for Exchange 2013.

    Thank you.

Children
No Data