Watchguard Firebox III, OWA and 2 Exchange Servers

Hi All,

My Scenario:

- Firebox III 1000

- 2 Exchange Servers (SBS 2003 and 2000)

- 2 Public IPs NATed to Private IPs on the boxes

- Firebox service configured (years ago) and ports 80 and 443 are open

- Added new NAT to existing OWA rule and now allowing SBS traffic out through same rule

- 2 NICs in the SBS2003 box (which is the one I have the issue with)

- Exchange 2000 OWA works fine (has for years)

- Can trace all the way to the public IP on the FB (for the SBS box)

- No traffic appears in FB logs for any port on the SBS server's IP (have enabled logging for both accepted and denied packets)

- Can access OWA internally on SBS2003 server

- ISA 2004 on SBS configured to allow all traffic through (temporarily)

What am I missing? I cannot get a response from the server. Also have had a couple of people look at the FB and SBS with no progress or suggestions at all.

Help greatly appreciated.

Merrick

Reply to
merrick_wall

- PUBLIC IP1: X.X.X.1

- PUBLIC IP2: X.X.X.2

- Exchange 1: A.A.A.1

- SBS Svr 1: A.A.A.2

You need to have two sets of rules, or one custom rule for each server:

HTTPS IN

- PUBLIC IP1 NAT to Exchange 1 IP

- PUBLIC IP2 NAT to SBS Svr IP

HTTP IN (you don't need HTTP for OWA, unless you really want to expose your servers in a bad way)

- PUBLIC IP1 NAT to Exchange 1 IP

- PUBLIC IP2 NAT to SBS Svr IP

Not sure how you have it set up for A/MX public records, but the above should get you OWA over HTTP/HTTPS to both servers.

Keep in mind, if you set up SBS Exchange properly, you need to do [formatting link] (unless you redirect).

I have a BUNCH of WatchGuard appliances in the field and my home too, feel free to email me if needed (see sig for email address).

Reply to
Leythos
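The one-public-IP-per-server layout from the reply above can be checked mechanically before it is entered on the firewall. The following is an added example, not part of the original thread and not WatchGuard configuration syntax: it models static NAT entries as tuples (a hypothetical representation), uses the thread's placeholder addresses, and the `FAULTY` table is constructed for illustration.

```python
from collections import defaultdict

# Constructed model of the static NAT entries described above; this is not
# WatchGuard Policy Manager syntax. Addresses are the thread's placeholders.
SERVERS = {"Exchange 1": "A.A.A.1", "SBS Svr 1": "A.A.A.2"}

PROPOSED = [  # (service, port, public IP, internal IP)
    ("HTTPS", 443, "X.X.X.1", "A.A.A.1"),
    ("HTTPS", 443, "X.X.X.2", "A.A.A.2"),
]

# Constructed faulty variant: both HTTPS entries share PUBLIC IP1, so the
# mapping is ambiguous, and HTTP is exposed as well.
FAULTY = [
    ("HTTPS", 443, "X.X.X.1", "A.A.A.1"),
    ("HTTPS", 443, "X.X.X.1", "A.A.A.2"),
    ("HTTP", 80, "X.X.X.1", "A.A.A.1"),
]


def audit(rules, servers):
    """Return a sorted list of findings for a static NAT rule table."""
    findings = []
    targets = defaultdict(set)   # (public IP, port) -> internal IPs
    https_hosts = set()          # internal IPs reachable over HTTPS
    for service, port, public_ip, internal_ip in rules:
        targets[(public_ip, port)].add(internal_ip)
        if port == 443:
            https_hosts.add(internal_ip)
        if port == 80:
            findings.append(f"HTTP exposed: {public_ip}:80 -> {internal_ip}")
        if internal_ip not in servers.values():
            findings.append(f"unknown internal host: {internal_ip}")
    # A public IP/port pair can only be forwarded to one internal host.
    for (public_ip, port), hosts in targets.items():
        if len(hosts) > 1:
            joined = ", ".join(sorted(hosts))
            findings.append(f"ambiguous NAT: {public_ip}:{port} -> {joined}")
    # Every server that should offer OWA needs its own HTTPS mapping.
    for name, ip in servers.items():
        if ip not in https_hosts:
            findings.append(f"no HTTPS mapping for {name} ({ip})")
    return sorted(findings)


if __name__ == "__main__":
    for label, table in (("proposed", PROPOSED), ("faulty", FAULTY)):
        print(label, audit(table, SERVERS) or "OK")
```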
