List Info

Thread: Cisco 5510 denies Groupwise from outside
Cisco 5510 denies Groupwise from outside
user name
 2006-02-04 12:38:50 
hmm, I would think it strange that Groupwise would
open connections back to the client.  Normally in
client/server, the client opens all the ports needed. 
The PIX just allows the return traffic dynamically, in
which you needn't do anything [typically].

But I am not a Groupwise Admin.  A quick search on
Novell's about this yielded this:

TID10051016

Can the GroupWise client be used to get emails from
outside the firewall?

Yes.  As long as the port that the POA is listening on
is open and ports 1024 and above are open for both TCP
and UDP.

I'm not sure what the POA is listening on in your
case.

Maybe your out_in ACL needs these lines:

access-list out_in permit tcp host 152.14.52.48 host
152.14.29.187 range 1024 65535

access-list out_in permit udp host 152.14.52.48 host
152.14.29.187 range 1024 65535

access-list out_in permit tcp host 152.14.52.48 eq 427
host 152.14.29.187

[that last one is probably not necessary, I'd try it
without it first].

Good luck.

http://support.novell.com/cgi-bin/search/sear
chtid.cgi?10051016.htm

--- alpalp55 <alpncsu.edu> wrote:

> I have a user (visiting director) who needs to check
> his email 
> (Groupwise) from inside my firewall when he's
> onsite.  The logs are 
> below - I have tried opening his IP from the outside
> to port 427 and 
> his IP from the inside port 1029 but it still hangs.
> 
> 
> Any ideas - or is there something different to
> interface with 
> Groupwise servers?
> 
> 
> 
> 
> Deny udp src outside:152.14.52.48/427 dst
> inside:152.14.29.187/1029 by 
> access-group "out_in"
> 
> Deny udp src outside:152.14.52.48/427 dst
> inside:152.14.29.187/1050 by 
> access-group "out_in"
> 
> 
> 
> 
> 
> 
> 


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection
around 
http://mail.yahoo.com 




 
Yahoo! Groups Links

<*> To visit your group on the web, go to:
    http://gr
oups.yahoo.com/group/PIX_Firewall/

<*> To unsubscribe from this group, send an email to:
    PIX_Firewall-unsubscribe@yahoogroups.com

<*> Your use of Yahoo! Groups is subject to:
    http://docs.yahoo.c
om/info/terms/
[1]

about | contact  Other archives ( Real Estate discussion Medical topics )