Quote:
Originally Posted by cucs8
Within their firewall rules they have a static NAT to the BES server so I figured that it does some kind of homing to the RIM server and needed a static IP. So you are saying that there is no reason to have BES available on a public address?
|
The static NAT assignment is unnecessary and actually creates a potential security risk.
There's no need for any inbound initiated traffic from the Internet to the BES.
Only outbound initiated bi-directional traffic on TCP port 3101 is needed.
As long as BES can initiate the outbound port 3101 connection to RIM's SRP... then you're good.
I would dump the static NAT as soon as you can.