Hi there,
I'm setting up a new Fortimail unit and I want to set it in Gateway mode. I have a DNS record mail.mydomain.com that currently is pointed to my mail server via a virtual IP set up in my Fortigate. I don't particularly want to change my MX record to the FDQN of my Fortimail, because I have users out in the field who need to be able to access the webmail site for my Zimbra server. Is there another way of setting this up in Gateway mode without having to change my MX record? Thanks in advance for the help.
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Don't make any changes to your DNS settings - mail.mydomain.com still points at your FortiGate.
On the FortiGate, create 2 Port Forwarding VIPs:
[ul]Zimbra WebMail HTTPS traffic goes direct to the server then.
Carl
Dr. Carl Windsor Field Chief Technology Officer Fortinet
You need to enable the mail-routing or smart relay based on a recipient address
https://forum.fortinet.com/tm.aspx?m=98405
Ken
PCNSE
NSE
StrongSwan
>mail.mydomain.com that currently is pointed to my mail server via a virtual IP set up in my
>Fortigate. I don't particularly want to change my MX record to the FDQN of my Fortimail,
>because I have users out in the field who need to be able to access the webmail site for my
>Zimbra server.
Why don't you just VIP with Port Forwarding for mail.mydomain.com:443 to the Zimbra server and mail.mydomain.com:25 to the FortiMail? No changes to DNS/MX records are needed and you can flick back easily if something breaks.
There is a video on this here.
Dr. Carl Windsor Field Chief Technology Officer Fortinet
Carl Windsor wrote:Carl,>mail.mydomain.com that currently is pointed to my mail server via a virtual IP set up in my
>Fortigate. I don't particularly want to change my MX record to the FDQN of my Fortimail,
>because I have users out in the field who need to be able to access the webmail site for my
>Zimbra server.
Why don't you just VIP with Port Forwarding for mail.mydomain.com:443 to the Zimbra server and mail.mydomain.com:25 to the FortiMail? No changes to DNS/MX records are needed and you can flick back easily if something breaks.
There is a video on this here.
I guess what I'm not clear on, is when I point mail.mydomain.com to the Fortimail for port 443 incoming, would it then go to Zimbra through the relay settings inside the Fortimail?
Don't make any changes to your DNS settings - mail.mydomain.com still points at your FortiGate.
On the FortiGate, create 2 Port Forwarding VIPs:
[ul]Zimbra WebMail HTTPS traffic goes direct to the server then.
Carl
Dr. Carl Windsor Field Chief Technology Officer Fortinet
I will give that a try Carl. Thanks for the help!
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1633 | |
1063 | |
751 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.