Hi,
I have 2 x 2920 firewalls with LAN to LAN VPN.
SITE1 10.1.29.0
SITE2 192.168.1.0
I have configured port redirection on one site (SITE1) for SMTP. I have used the data filter option under the NAT to lock down SMTP to only external IPs from our external spam filtering service.
This is set up as follows under Data Filter:
1. xNetBios -> DNS Down NO CHANGES
2. Block - Block if no further Match
3. SMTP - Source IP xxx.xxx.xxx.xxx (External IP from SPAM Filter)
   - Dest IP xxx.xxx.xxx.xxx (Internal Mail Server IP)
   - Service Type : port 25
This works fine for locking down the SMTP service; however, it also disables my site-to-site LAN. I can access SITE2 from SITE1 no problem. However, I cannot access SITE1 from SITE2.
I assume I need some rule to allow VPN traffic to enter SITE1 but am unable to find any options that work.
Any help would be appreciated.