Hi,
I have setup an email server behind an SSG-5 in the DMZ. The SSG-5 in turn is behind an ISP's router. I have a set a VIP to direct SMTP traffic destinated to our Public IP to the DMZ server. I have untrust, trust and DMZ zones in the trust-vr.I have setup policies allowing MAIL-POP3 traffic from trust to DMZ,MAIL traffic from untrust to DMZ.
POP3 from the trust zone (our internal network) works fine but no email from outside (internet) can reach our server.
I have checked our DNS MX record and it looks OK (I use 'dig' ) but any email sent to our address it times out trying to get a connection.
I have checked it with the ISP and they assured me that they do not block any SMTP traffic.
The scheme below describes the setup (the [] indicates RJ-45) :
(Public IP)194.x.x.x--[][ R ][]--192.168.x.1/29--[ S ][]--192.168.x.2/29(0/0 untrust)
| O | | S |[]--1.x.x.1/24(0/1 DMZ)--1.x.x.7/32-[Email Server]
| U | | G |[]--192.x.x.1/24(0/2 trust)--192.x.x.x/24(Our Net)
| T | | - |
| E | [ 5 ]
[ R ]
I have attached the configuration file.
What am I doing wrong?
Any hint is welcome and very much appreciated!