topic Internal mail-threat-detection in Network Security

Internal mail-threat-detection

Shibu1978 — Tue, 12 Mar 2019 00:56:28 GMT

Dear All,

We had one strange issue which was resolved by configuring "no threat-detection statistics tcp-intercept" from threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200.

Issue

===

We were not able to access our mail server internally( Zone created in local DNS-(10.10.2.10)) when external nat & access-list configured on the same IP. ( https://mail.company.net). When we remove the external static nat and access-list we can access mail server internally.

name 10.10.2.23 CASServer2

access-list outside_access_in extended permit tcp any host 94.*.*.170 eq https

static (INSIDE,OUTSIDE) 94.*.*.170 CASServer2 netmask 255.255.255.255

We have Cisco ASA 5520 8.2(5). Could someone please get me an idea how did resolve by disabling the command above.

Thanks for your inputs.

Internal mail-threat-detection

Shibu1978 — Tue, 05 Feb 2013 14:54:34 GMT

Could someone please throw some light on this.

Internal mail-threat-detection

James Leinweber — Tue, 05 Feb 2013 16:22:53 GMT

I'm not sure if I understand your question. My own experience is that if I want both internal and external NAT access to a particular server, I have to give it two different IP addresses. I haven't run packet-tracer to see what the underlying issue is yet.

-- Jim Leinweber, WI State Lab of Hygiene