1 (edited by hata_ph 2010-08-02 17:04:51)

Topic: Juniper Netscreen 25 firewall with iRedOS5 [SOLVED]

My iRedOS is behind Juniper Netscreen 25 and i have follow below guide to open port for SMTP, POP3 and IMAP

http://kb.juniper.net/index?page=conten … ;pmv=print

but I cannot receive mail after that. If I disable iptables at iRedOS I can receive mail. Is there any port that I need open in my iRedOS?

This is my iptables rules...

Table: filter
Chain INPUT (policy DROP)
num  target     prot opt source               destination
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
2    LOG        tcp  --  0.0.0.0/0            0.0.0.0/0           multiport dports 80,443 LOG flags 0 level 4 prefix `HTTP/HTTPS connection:'
3    LOG        tcp  --  0.0.0.0/0            0.0.0.0/0           multiport dports 25,587,465 LOG flags 0 level 4 prefix `SMTP/SMTPS connection:'
4    LOG        tcp  --  0.0.0.0/0            0.0.0.0/0           multiport dports 110,995 LOG flags 0 level 4 prefix `POP3/POP3S connection:'
5    LOG        tcp  --  0.0.0.0/0            0.0.0.0/0           multiport dports 143,993 LOG flags 0 level 4 prefix `IMAP/IMAPS connection:'
6    LOG        tcp  --  0.0.0.0/0            0.0.0.0/0           multiport dports 22 LOG flags 0 level 4 prefix `SSH connection:'
7    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           multiport dports 80,443,25,465,110,995,143,993,587,465,22
8    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
9    LOG        tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:10000 LOG flags 0 level 4 prefix `Wedmin connection attempt:'
10   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:10000

Chain FORWARD (policy DROP)
num  target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination

2

Re: Juniper Netscreen 25 firewall with iRedOS5 [SOLVED]

Add my firewall IP to my iRedOS iptables solve the problem... smile
-A INPUT -s xxx.xxx.xxx.xxx -j ACCEPT