SUSE Linux Enterpise Server 9 NAT HOWTO

Revision as of 19:20, 3 November 2006 by Lmstone (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)



Our preferred configuration for our servers exposed to the public Internet is to NAT them behind a firewall. Zimbra's default configuration does not expect a NAT'd server, so a few configuration changes are required for the Zimbra server to function correctly. While the forums describe what needs to be accomplished, I have found no detailed "HOWTO" for SUSE Linux Enterprise Server 9 ("SLES9" or "ES9"), and so I decided to write one.

As this is a first draft, I would be grateful for any improvements and/or corrections.

L. Mark Stone
3 November 2006


This HOWTO assumes you already know what an A record, a PTR record and an MX record are, and that you have configured them for your Zimbra server to be RFC compliant on the public DNS servers that are authoritative for your domain. In other words, configuring things so the world can find your Zimbra server is beyond the scope of this HOWTO.  :-)

For a NAT'd Zimbra box to work correctly, Zimbra must be tricked into using DNS that reference private IP addresses for itself, even though public DNS records will point to public IP addresses.

To do this, we need to make changes in four places:

  * The /etc/hosts file
  * The /opt/zimbra/postfix/conf/ file
  * The local installation of BIND on the ES9 Zimbra server
  * The order of DNS lookups
Jump to: navigation, search