I do not use NAT but you may be able to do it on the external NAT interface
if you configure inbound filters. Otherwise you can do it for sure with an
ipsec filtering policy that has a mirrored block all rule for IMAP and then
a mirrored permit rule for the exception by adding the IP address to the
filter in the rule. The link below explains ipsec filtering in more detail.
I personally believe you should also have a perimeter firewall. Even the
around $100 Netgear FVS318 will allow you to create a rule for a service for
the IMAP server and specify the source IP addresses allowed.

-- Steve

http://www.securityfocus.com/infocus/1559

"Alan Heywood" wrote in message:
> I have two Windows Server 2003 boxes set up. One is connected to the
> internet with a static IP, the other one runs a mail server. I would
> like to allow incoming connections on the IMAP port from the internet
> (which I will forward to the mail server) from only specified IP
> addresses (I don't want to open this port to the world).
>
> Is this possible using 'Routing and Remote Access'? I want to be
> careful not to disturb or block normal traffic that originated from our
> network.
>
> In summary I want to block the IMAP port except for particular IP
> addresses which I want to allow. Advice appreciated!
>
> I can't see how to do this either in IP filtering or in Routing and Remote
> Access. Is it possible to do this on W2k3 or do I need to go and get a
> proper firewall?
>
> Thanks
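
The IPsec filtering policy described in the reply (a mirrored block-all rule for IMAP plus a mirrored permit rule for the exception), written out as `netsh ipsec static` commands. This is an added example, not part of the original posts. It assumes it is run on the Windows Server 2003 machine that hosts the IMAP service, that IMAP is on TCP 143, and that 203.0.113.10 (allowed remote address) and 192.168.1.0/24 (internal network) are constructed placeholders; the policy, filter list and rule names are hypothetical.

```bat
@echo off
rem Added example: block inbound IMAP except from listed sources.
rem All names and addresses below are placeholders (assumptions).

rem 1. Create the policy without the default response rule.
netsh ipsec static add policy name="IMAP-Restrict" description="Block IMAP except listed sources" activatedefaultrule=no

rem 2. Two filter actions: one blocks, one permits without negotiating IPsec.
netsh ipsec static add filteraction name="IMAP-Block" action=block
netsh ipsec static add filteraction name="IMAP-Permit" action=permit

rem 3. Filter list matching IMAP from any source (mirrored).
netsh ipsec static add filterlist name="IMAP-From-Any"
netsh ipsec static add filter filterlist="IMAP-From-Any" srcaddr=any dstaddr=me protocol=TCP srcport=0 dstport=143 mirrored=yes description="IMAP from anywhere"

rem 4. Filter list for the exceptions. Add one filter per allowed source.
netsh ipsec static add filterlist name="IMAP-From-Allowed"
rem    Allowed remote address (placeholder).
netsh ipsec static add filter filterlist="IMAP-From-Allowed" srcaddr=203.0.113.10 dstaddr=me protocol=TCP srcport=0 dstport=143 mirrored=yes description="Allowed remote client"
rem    Internal network (placeholder), so local mail clients keep working.
netsh ipsec static add filter filterlist="IMAP-From-Allowed" srcaddr=192.168.1.0 srcmask=255.255.255.0 dstaddr=me protocol=TCP srcport=0 dstport=143 mirrored=yes description="Internal network"

rem 5. Bind each filter list to its action. The more specific source
rem    filters take precedence over the srcaddr=any block filter.
netsh ipsec static add rule name="Block-IMAP" policy="IMAP-Restrict" filterlist="IMAP-From-Any" filteraction="IMAP-Block"
netsh ipsec static add rule name="Permit-IMAP" policy="IMAP-Restrict" filterlist="IMAP-From-Allowed" filteraction="IMAP-Permit"

rem 6. Assign the policy, then print it for review.
netsh ipsec static set policy name="IMAP-Restrict" assign=yes
netsh ipsec static show policy name="IMAP-Restrict" level=verbose
```

Only one IPsec policy can be assigned on a machine at a time, so check for an existing assigned policy before running step 6, and test from both an allowed and a non-allowed address afterwards.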