Exposing an email server through Smoothwall for external access
I'm hoping one of the Smoothwall experts out there can help with a small problem we have. We just upgraded our internet access and previously had our email server straddling both the internal and external networks - two NICs, one internal and one external. Our Cisco router was then directly connected to our Smoothwall box and the external NIC of our email server, allowing email webclient access both internally and externally.
I want to move our email server behind our Smoothwall box and just open up the necessary firewall ports on Smoothwall to allow external access to email.
I've configured an external alias on Smoothwall, using a 2nd static IP from the range allocated, then set up port forwarding to forward HTTP and HTTPS traffic onto our mail server's internal IP. Now when I try to access the mail server using the alias IP from outside of the network I get a 404 Not Found.
Looking at the access logs on the mail server, the external traffic is not getting through, and looking at the real-time firewall logs on the Smoothwall box I can see why - entries from my external IP (with strange port numbers - e.g. 31225) are being blocked; however, the destination IP is the internal IP of our mail server and the port is correct (443).
My question, finally, is why would an HTTP request be hitting Smoothwall with a strange port number, rather than 443 as one would expect, and why would the logs show the destination as the internal IP of our mail server, since the firewall rule is not being matched - hence the block?
I'm sure I'm missing something obvious here - any help gratefully received.