Gateway Help Needed

  • Hi there guys
    I need some help here please.

    I have 2 gateways on my network 1 checkpoint and a Pfsense each one of them have a static and public IP

    My exchange server is using checkpoing ( as gateway and i have a public IP just for doing the OWA pointing to 443 at my exchange box.

    My other gateway is a pfsense box ( and i want change the that owa ip to this public ip, as i said each gateway as a public IP.

    But the problem is my exchange has is gateway so i cant get to the OWA but if i change exchange gateway to it works fine.

    Is there any way at pfsense or Checkpoint to change this?

    I really need some help cos i dont have a clue how to do it

    Thanks in advanced

  • Not an easy one as OWA will send internet traffic to it's default gateway and the CP server knows nothing about the response packet so it drops it (No stateful inbound connection) and even if it did allow the packet through your PC would not understand a response from an IP address it has not spoken to so would not send an ack, so no connect would ever be setup.

    Some horrible kludges spring to mind but I don't wish to inflict them on this forum
    The simplest thing I can think of that does not make me cringe is to put a second IP address on the Exchange box in a different subnet move your PFSense Lan address to that and effectively create a little network consisting of the exchange box and the firewall connected vis a crossover cable or hub (or add a virtual IP to the LAN interface, depends on your routers). Make sure IIS is bound to all IP address on the box and maybe issue a iisreset

  • The best solution, IMO, would be to run both WANs to your pfSense and scrap the Checkpoint. Then you could have OWA on both WANs without messing with the server config…

Log in to reply