Re: Installing Zimbra behind Firewall

**senthilkumar84_2000** · 09-08-2008, 05:30 AM

Hi,

I have a Mail server (Exchange) already configured behind the firewall with proper MX and A record and working fine,

A record email.example.com 10.10.10.1 (Public IP)
MX record example.com email.example.com (priority 0)

But i decided to migrate to zimbra without disturbing the present mail server,so i created one additional A and MX record in my DNS provider control panel with low priority (10) for new mail server mail1.example.com pointing to 10.10.10.2 (public IP)

These are the configuration:

Cent OS 5.1

Zimbra 5.08 (Opensource Edition)

my /etc/hosts file is

127.0.0.1 localhost
192.168.1.254 mail1.example.com mail1

My /etc/sysconfig/network

NETWORKING=yes
HOSTNAME=mail1.example.com

i forward port 25 from firewall to this machine (10.10.10.2:25 to 192.168.1.254:25)

Now the problem is when i try to install the Zimbra it says unable to resolve the MX record..this is the following Error

DNS ERROR resolving MX for mail1.example.com
It is suggested that the domain name have an MX record configured in DNS
Change domain name? [Yes]
Create Domain: [mail1.example.com] example.com
MX: mail1.example.com (10.10.10.2)
MX: email.example.com (10.10.10.1)

Interface: 192.168.1.254
Interface: 127.0.0.1

DNS ERROR - none of the MX records for example.com
resolve to this host

So please say your valuable solutions to Fix this issue...

Thanks.
Senthilkumar84_2000

**uxbod** · 09-08-2008, 05:46 AM

You will need to implement a Split DNS - Zimbra :: Wiki architecture.

**senthilkumar84_2000** · 09-08-2008, 06:31 AM

Thanks for your valuable solution..i will try that now, so if this works fine i will replace the existing one to zimbra, after that i need to remove the local DNS split? to act as a primary machine...Please suggest me how to do this?

Thanks,

Senthilkumar84_2000

**uxbod** · 09-08-2008, 07:37 AM

You can leave the external DNS as is, but the reason for the Split DNS is so that a MX record for your ZCS installation is available on your internal LAN. You can install BIND on your ZCS server, and the only thing it really needs is the A and MX records (note: if you are not using your ISP to relay outbound email then it will need to be able to resolve external domains aswell).

**ceefus** · 09-10-2008, 06:24 PM

I'm confused.. Why do we need this? Would it work if I ran a VPN? I don't understand why if everything forwards why it won't resolve them?

**uxbod** · 09-10-2008, 11:41 PM

If you are behind a firewall on a private LAN IP then ZCS does still require the ability to resolve a MX and A record that matches the IP address of the host machine. If you went out to a external DNS then that would reply with the external IP and not the internal one. Whether ports are forwarded or not ZCS still needs name resolution to be in place.

Zimbra

Thread: Re: Installing Zimbra behind Firewall

LinkBack

Thread Tools

Search Thread

Display

Re: Installing Zimbra behind Firewall

?

Thread Information

Users Browsing this Thread

Similar Threads

slapd message error

admin consol blank after 5.0.3 upgarde

Tomcat won't start after enabling IMAPproxy + a few other issues

Zimbra shutdowns every n hours.

Installation succesfful! But problem with zmcontrol start

Posting Permissions