Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 1 subscriber
  • Views 2794 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

bind exim to only one interface alias?

hagman_01
My external interface has several alias IPs (for several internal servers).
It seems that the Email Protection automatically binds to all these IPs. How can I make sure that it replies only to one of them? The obvious method (Network Protection - Firewall - new rule "Any-SMTP-Interface reject") did not work (I guess that's one of those thiungs to prevent admins from locking themselves out). Another attempt (DNATting SMTP on one alias-interface to nirwana) worked too well - it blocks all interfaces.


This thread was automatically locked due to age.
Parents
  • 0
    The DNAT is the right answer, but, instead of using the "External (Network)" object, use a group of "External [additional] (Address)" objects as the destination in the traffic selector.  The reason the firewall rule didn't work is explained by #2 in Rulz.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0
    The DNAT is the right answer, but, instead of using the "External (Network)" object, use a group of "External [additional] (Address)" objects as the destination in the traffic selector.  The reason the firewall rule didn't work is explained by #2 in Rulz.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data
Unfiltered HTML