Wireless Access

last person joined: 21 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Mail & Proxy Redirect

This thread has been viewed 2 times

  • 1.  Mail & Proxy Redirect

    Posted Aug 11, 2011 08:21 AM
    I have requirement from customer:

    1) If customer fix proxy in their web browser and fix IP address on WLAN Card, they must outgoing to internet. How to configure firewall policy in ARUBA Controller ??
    :: I try to set --> user any tcp 8080 dst-nat 8088 before user any svc-http dst-nat 8080 and user any svc-https dst-nat 8081 but it not work.
    2) If customer fix any mail server how to redirect any SMTP (25) traffic to mail server (name) with ARUBA firewall Policy ??
    :: I try to set --> user any svc-smtp dst-nat Name: name of customer's mail server + port 25
    and other policy user any svc-smtp redirect esi-group Customer's Mail group direction forward
    but both of them not work

    Please suggestion me.

    Thank you,


  • 2.  RE: Mail & Proxy Redirect

    EMPLOYEE
    Posted Aug 11, 2011 09:57 PM
    1. Is this a guest network or an employee network?
    2. What are you trying to accomplish with the mail server redirect?


  • 3.  RE: Mail & Proxy Redirect

    Posted Aug 12, 2011 12:50 AM
    1) Guest network (Wi-Fi Hotspot)
    2) My customer requirement (They use outlook)


  • 4.  RE: Mail & Proxy Redirect

    EMPLOYEE
    Posted Aug 12, 2011 06:06 AM

    1. Please see the post here: http://community.arubanetworks.com/t5/ArubaOS-and-Mobility-Controllers/Best-way-to-force-guests-to-use-a-proxy/td-p/6269 
    2. The Aruba Controller cannot send email. It can only forward port 25 traffic to an existing server. If users have an existing email server, they should point to that.



  • 5.  RE: Mail & Proxy Redirect

    Posted Aug 14, 2011 06:30 PM


    2. The Aruba Controller cannot send email. It can only forward port 25 traffic to an existing server. If users have an existing email server, they should point to that.



    1.My requirement isn't dst-nat port 80 to proxy server.
    But I want to have solution that help whoever that fix proxy (on their web browser) from elsewhere can play internet without change anything (on their web browser).
    Are we have solution ?
    2.forward port 25 traffic to existing mail server is "user any svc-smtp dst-nat <MAIL server=""> + port 25" right ? ... It's not work from my testing</MAIL>


  • 6.  RE: Mail & Proxy Redirect

    EMPLOYEE
    Posted Aug 14, 2011 08:48 PM

    1.My requirement isn't dst-nat port 80 to proxy server.
    But I want to have solution that help whoever that fix proxy (on their web browser) from elsewhere can play internet without change anything (on their web browser).
    Are we have solution ?
    2.forward port 25 traffic to existing mail server is "user any svc-smtp dst-nat <MAIL server=""> + port 25" right ? ... It's not work from my testing</MAIL>




    1. The solution I mentioned will only work if the web proxy is a transparent proxy.
    2. Please use the ip address and port and NOT the name of the mail server.