[bdNOG] email outgoing problem in ASA 5545-X (IOS version 9.0.3)

raskin paul raskin_ece at yahoo.com
Thu Apr 17 21:56:47 BDT 2014


Dear Rakib Bhai,

one small typo error correction it should be inspect esmtp not inpect.

Thanks
Raskin

IBM Bangladesh
On Thursday, 17 April 2014, 21:44, raskin paul <raskin_ece at yahoo.com> wrote:
 
Dear Rakib Bhai,

From your problem description i guess the Mail Outgoing  Problem happening due to inpecting esmtp under class-map in ASA FW IOS version 9.X.Please remove the inpect esmtp under default class-map if u already not removed.Hope this solves your problem.


Thanks
Raskin

IBM Bangladesh
On Saturday, 12 April 2014, 20:30, Shahed Hasib <shahed at nns-solution.net> wrote:
 
Would you please try this:
object network obj-172.16.252.31
   nat(dmz,outside) static obj-203.223.92.38 service tcp 25
And also confirm apply the ACL
access-group INBOUND in interface outside




On Sat, Apr 12, 2014 at 7:53 PM, Mirza Rakib <mmrakib at gmail.com> wrote:

Hi,
>Last week we have replaced our old firewall (ASA 5540, IOS ver:8.2.5) by ASA 5545-X IOS ver:9.0.3. Everything work fine other than outgoing mail. 
However, there was no issue in old firewall.
>OLD Configuration(ASA 5540, IOS ver:8.2.5):
>-----------------------------------------------------------
>static (dmz,outside) 203.223.92.38 172.16.252.31 netmask 255.255.255.255
>
>access-list INBOUND extended permit tcp any host 203.223.92.38 eq smtp
>access-list DMZ extended permit ip host 172.16.252.31 any
>NEW configuration( ASA 5545-X IOS ver:9.0.3):
>-------------------------------------------------------------
>object network obj-172.16.252.31
>  host 172.16.252.31
>
>object network obj-203.223.92.38
>   host 203.223.92.38
>nat(dmz,outside) source static obj-172.16.252.31 obj-203.223.92.38
>access-list INBOUND extended permit tcp any host 172.16.252.31 eq smtp
>access-list DMZ extended permit ip host 172.16.252.31 any
>=========================================================
>In command prompt it shows 550 5.7.1 Unable to relay after delivery address. We are 
microsoft IIS SMTP, also tried sendmail, the issue is not in mail server.
>In firewall log it show FIN/RSET flag from outside. Please help us to solve the issue.
> 
>Regards,
>Mirza Rakib
>
>
>_______________________________________________
>nog mailing list
>nog at bdnog.org
>http://mailman.bdnog.org/mailman/listinfo/nog
>
>


_______________________________________________
nog mailing list
nog at bdnog.org
http://mailman.bdnog.org/mailman/listinfo/nog
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.bdnog.org/pipermail/nog/attachments/20140417/60885314/attachment.html>


More information about the nog mailing list