https://community.cisco.com/t5/network-security/email-access-for-three-cisco-firewall/m-p/1980282#M440822 <HTML><HEAD></HEAD><BODY><P>Hi all :</P><P></P><P>I need the help from this email access badly. In this design, I have loosen the access between the Outside (MIS) and DMZ of the RTDB Firewall access which is as below :</P><P></P><P>access-list DMZ-IN extended permit ip 10.30.30.0 255.255.255.0 any </P><P>access-list MIS-IN extended permit ip any 10.30.30.0 255.255.255.0&nbsp;&nbsp; &lt;--- this applies from Outside of RTDB firewall access to the DMZ</P><P></P><P>This morning I also tried to set the security level of the MIS to 80 and the security level of the MIS to 50 so that the MIS security level is same as the Inside network of the PP External firewall.</P><P></P><P>The result of telnet 172.16.1.106 25 is still the same -- cannot work.</P><P></P><P>The MIS switch is a 3Com switch which caould be a problem. I will see anyway to bypass the switch to test again.</P><P></P><P>Anybody has any suggestion on this problem?</P><P></P><P>Thanks!</P></BODY></HTML> Mon, 18 Jun 2012 08:01:49 GMT Tang-Suan Tan 2012-06-18T08:01:49Z https://community.cisco.com/t5/network-security/email-access-for-three-cisco-firewall/m-p/1980280#M440818 <P>Hi All :</P><P></P><P>Below please see my&nbsp; client email access picture in attach file. It happens the email access from DMZ zone of RTDB firewall fail to Edge Network mapped IP address.</P><P></P><P>Funny thing is the access from partial network is OK as indicated separately : From Servers Network to Edge, from MIS Network to Edge and also from DMZ to MIS is OK.</P><P></P><P>The problem only happens at the required result of from DMZ to Edge.</P><P></P><P>What is the possible problem? Anyone can help and any information needed in order for helping on this case?</P><P></P><P>Thanks and best regards,</P><P></P><P>tangsuan</P> Mon, 11 Mar 2019 23:19:35 GMT https://community.cisco.com/t5/network-security/email-access-for-three-cisco-firewall/m-p/1980280#M440818 Tang-Suan Tan 2019-03-11T23:19:35Z https://community.cisco.com/t5/network-security/email-access-for-three-cisco-firewall/m-p/1980281#M440819 <HTML><HEAD></HEAD><BODY><P>Hi all :</P><P></P><P>Look at the inside network of PP external firewall and the MIS (outside) network of RTDB Firewall, they are separated by MIS switch.</P><P></P><P>The security level of the inside network of PP external firewall is 100 and security level of the MIS (outside) is 0. Although there are separated by two VLAN and between them but there is inter-VLAN routing by the seitch.</P><P></P><P>Is it necessary to set these two network to same security level so that the traffic between them can flow properly between two VLAN?</P><P></P><P>Please advise</P><P></P><P>Beside that, any other concern on this design?</P><P></P><P>Many thanks!</P><P></P><P>best regards,</P><P>tangsuan</P></BODY></HTML> Fri, 15 Jun 2012 13:18:55 GMT https://community.cisco.com/t5/network-security/email-access-for-three-cisco-firewall/m-p/1980281#M440819 Tang-Suan Tan 2012-06-15T13:18:55Z https://community.cisco.com/t5/network-security/email-access-for-three-cisco-firewall/m-p/1980282#M440822 <HTML><HEAD></HEAD><BODY><P>Hi all :</P><P></P><P>I need the help from this email access badly. In this design, I have loosen the access between the Outside (MIS) and DMZ of the RTDB Firewall access which is as below :</P><P></P><P>access-list DMZ-IN extended permit ip 10.30.30.0 255.255.255.0 any </P><P>access-list MIS-IN extended permit ip any 10.30.30.0 255.255.255.0&nbsp;&nbsp; &lt;--- this applies from Outside of RTDB firewall access to the DMZ</P><P></P><P>This morning I also tried to set the security level of the MIS to 80 and the security level of the MIS to 50 so that the MIS security level is same as the Inside network of the PP External firewall.</P><P></P><P>The result of telnet 172.16.1.106 25 is still the same -- cannot work.</P><P></P><P>The MIS switch is a 3Com switch which caould be a problem. I will see anyway to bypass the switch to test again.</P><P></P><P>Anybody has any suggestion on this problem?</P><P></P><P>Thanks!</P></BODY></HTML> Mon, 18 Jun 2012 08:01:49 GMT https://community.cisco.com/t5/network-security/email-access-for-three-cisco-firewall/m-p/1980282#M440822 Tang-Suan Tan 2012-06-18T08:01:49Z https://community.cisco.com/t5/network-security/email-access-for-three-cisco-firewall/m-p/1980283#M440825 <HTML><HEAD></HEAD><BODY><P>Hi all :</P><P></P><P>This problem has been resolved after a lot of access rules added in and modified.</P><P></P><P>The access rules have to be cleared first and then the station has to open the port 25 from anti-virus software. One sentence can describe the whole problem but it needs days to do the job.</P><P></P><P>This discussion is closed.</P><P></P><P>Thanks and best regards,</P><P></P><P>tangsuan</P></BODY></HTML> Thu, 21 Jun 2012 08:46:56 GMT https://community.cisco.com/t5/network-security/email-access-for-three-cisco-firewall/m-p/1980283#M440825 Tang-Suan Tan 2012-06-21T08:46:56Z