On Tue, 4 Dec 2001 11:42:15 -0700
Mike V [EMAIL PROTECTED] wrote:
I was under the impression that 53/tcp was for zone xfers, and
53/udp was for queries, so you may want to confirm to avoid
opening more than you need to.
DNS uses TCP of the returned record exceeds the size of a single UDP
: pix firewall and mail server
I was under the impression that 53/tcp was for zone xfers, and 53/udp was
for queries, so you may want to confirm to avoid opening more than you need
to.
Mike
- Original Message -
From: Sa?a Popravak [EMAIL PROTECTED]
To: wali [EMAIL PROTECTED]; [EMAIL
Unless you are advertising your own DNS, specifically opening port 53 is not
necessary. Most companies I am aware of, have an ISP for example, advertising
their DNS on the Internet.
V/r
Rob Clark
Message -
From: Sa?a Popravak [EMAIL PROTECTED]
To: wali [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Monday, December 03, 2001 1:51 AM
Subject: Re: pix firewall and mail server
You should also open ports 53/tcp and 53/udp for dns queries so one can
find
your mail server by checking MX
On Tue, Dec 04, 2001 at 11:42:15AM -0700, Mike V wrote:
I was under the impression that 53/tcp was for zone xfers, and 53/udp was
for queries, so you may want to confirm to avoid opening more than you need
to.
Not necessarily, port 53/tcp is used for queries which are more larger
than 512
03, 2001 1:51 AM
Subject: Re: pix firewall and mail server
You should also open ports 53/tcp and 53/udp for dns queries so one can
find
your mail server by checking MX record from your dns.
Best wishes,
Pope
- Original Message -
From: wali [EMAIL PROTECTED]
To: [EMAIL
You will need to set up a static route entry to allow all outside traffic via
an outside (global address - legitimate) address seen by the internet to the
inside (NAT/PAT) address in addition to your smtp permit entry. Use the
following example in PIX configuration mode:
static
Do you have a static mapping for that device and does your Access-list
point to the outside IP of that static?
DNS should not stop you from receiving the mails. It helps when you want
to send, but you could point the DNS to another inside machine and handle
it that way.
At 07:50 11/29/01,
You should also open ports 53/tcp and 53/udp for dns queries so one can find
your mail server by checking MX record from your dns.
Best wishes,
Pope
- Original Message -
From: wali [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, 29.November 2001 14:50
Subject: pix firewall
firewall and mail server
hi
i have a cisco pix firewall
and i only have a mail server(MS exchange) on nt server
and alot of workstations on nt workstation
i made a nating for the pcs to work in virtual ips
and only the mail server take a real ip(the traffic came to real and the
firewall pass
10 matches
Mail list logo
