I working on our 310 firewall to grant to a specific client [192.168.10.80] access only to our SMTP server,
In the Outbound Firewall Rules i setup the four rules below:
CLIENT_SMTP_OK Source=[TCP:192.168.10.80 - Port:Any] / Destination=[TCP:88.35.xx.yy - Port:25] -> ALLOW
The result is:
the 192.168.10.80 client does not reach NOTING on port 25 (not 88.35.xx.yy, nor other)
all other clients reach ALL on port 25
What’s wrong ?
Alex.
Thanks Alex, any screen capture you can share of these firewall rules? And I believe your Balance 310 is running on our latest firmware 5.4?
Kurt,
Our PepLink 310 is a 5.3.9 firmware equipped:
… below a screenshot of the outgoing firewall with rules involved
… an then the result of 192.168.10.80 client when telnetting our SMTP server (88.35.xx.yy)
Other clients reach our SMTP server and all external other too …
Alex.
Hi Alex,
Your firewall rules look correct assuming your SMTP server is out on the internet and not inside your LAN. Please upgrade your Balance to the latest firmware and open up a support ticket with us at Peplink.com if there is still a problem with this.
Best regards,
Ron
Ron,
Thank you for feedback.
The SMTP server address is one of the PepLink’s public address NATted on an internal (192.168.10.3) IP of our LAN where our mail server resides.
Perhaps this could be the problem ? May i try to replace the public SMTP address with the internal IP ?
Alex.
As far as I can see your SMTP server is on Peplink LAN. In this case then yes we should use its LAN IP for firewall.
In the firewall rule I replaced the SMTP public address with the private IP and finally all run fine !
Thank you for support !
Alex.
No worries Alex. Just a misconfig. Enjoy your Peplink.
