4. Problem with maiserver moved from lan to dmz

Problem with maiserver moved from lan to dmz

  • C

    Hi all

    I moved a mailserver from the lan to the dmz and I am having some troubles.

    LAN B–------ ipsec -----router-vpn--------LAN A-----------FIREWALL  -----internet
    192.168.2/24                    192.168.1.254    192.168.1/24      192.168.1.251  ---- dmz  (192.168.100/24) - mailserver

    From the lanA subnet (192.168.1/24) is't all ok
    But from the remote lan (192.168.2/24) (connected via an ipsec tunnel between two cisco routers) connections to the mailserver (192.168.100.2) are very slow and clients like imapclients give random errors.
    The ipsec tunnel is 192.168.2/24 > any and any > 192.168.2/24
    In the firewall there is a static route to 192.168.2/24 via 192.168.1.254
    from LANB clients I can do telnet dmz:ports (25-80-143) but I receive answer after some seconds
    I test the system with a pass all in the lan and in the dmz

    what can I check ?
    thanks
    Giacomo

    0
  • S

    did you check the box in system –> advanced -->  Static route filtering, you need to do so.

    regards,
    Johan

    0
  • C

    @Sylhouette:

    did you check the box in system –> advanced -->  Static route filtering, you need to do so.

    regards,
    Johan

    Yes it's checked.

    Giacomo

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy