cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1990
Views
0
Helpful
3
Replies

ACE not forwarding SMTP/ESMTP connection correctly

edgarfc254
Level 1
Level 1

I am having problems with the SMTP/ESMTP connection to MS Exchange 2010 server when going via the ACE VIP. I have also tested with a serverfarm containing a single entry (1 exchange box configured) and still get the same problem. Not sure if there are any connection parameters I need to change.

ACE Software

  loader:    Version 12.2[120]

  system:    Version A2(3.5) [build 3.0(0)A2(3.5)]

Problem

- clients fail to connect to SMTP/ESMTP when making the connections through the VIP but works when connecting direct to the servers.

- telnet session to the ports behave differently

  -  sessions direct to the servers work fine (initiated either from the client PC or ACE)

$ telnet SERVER_IP 25 or 587

Trying SERVER_IP...

Connected to …

Escape character is '^]'.

220 mail.server.xyz Microsoft ESMTP MAIL Service ready at Wed, 12 Sep 2012 13:32:48 +0200

helo

250 mail.server.xyz Hello [CLIENT_IP]

quit

221 2.0.0 Service closing transmission channel

  - sessions to the VIP do not show any output. However, I get an out put after I enter a string and press enter

$ telnet SERVER_IP 25 or 587

Trying SERVER_IP...

Connected to mail.server.xyz (SERVER_IP).

Escape character is '^]'.

helo

220 mail.server.xyz Microsoft ESMTP MAIL Service ready at Wed, 12 Sep 2012 13:46:18 +0200

250 mail.server.xyz Hello [CLIENT_IP]

quit

221 2.0.0 Service closing transmission channel

Connection closed by foreign host.

$

$

$ telnet SERVER_IP 25 or 587

Trying 137.158.154.100...

Connected to mail.server.xyz (SERVER_IP).

Escape character is '^]'.

jshskjs

220 mail.server.xyz Microsoft ESMTP MAIL Service ready at Wed, 12 Sep 2012 13:46:34 +0200

500 5.3.3 Unrecognized command

quit

221 2.0.0 Service closing transmission channel

Connection closed by foreign host.

It seem the ACE is not passing smtp/esmtp connection requests to the server but works fine for other ports when passing through the VIP.

3 Replies 3

Cesar Roque
Level 4
Level 4

Hi Edgar,

Can you please paste the configuration you ahve for this VIP

--------------------- Cesar R ANS Team

Simple config...

rserver host EXCHANGE001

  ip address 10.2.3.101

  probe PING_EXCHANGE

  inservice

rserver host EXCHANGE002

  ip address 10.2.3.102

  probe PING_EXCHANGE

rserver host EXCHANGE003

  ip address 10.2.3.103

  probe PING_EXCHANGE

rserver host EXCHANGE004

  ip address 10.2.3.104

  probe PING_EXCHANGE

serverfarm host EXCHANGE

  description EXCHANGE SERVERS

  predictor hash address

  probe PR-EXCHANGE-HTTPS

  rserver EXCHANGE001

    inservice

  rserver EXCHANGE002

  rserver EXCHANGE003

  rserver EXCHANGE004

class-map match-all EXCHANGE-VIP

  10 match virtual-address 10.2.3.100 tcp any

sticky ip-netmask 255.255.255.255 address both EXCHANGE-STICKY

  timeout 20

  replicate sticky

  serverfarm EXCHANGE

policy-map type loadbalance first-match EXCHANGE-VIP

  class class-default

    sticky-serverfarm EXCHANGE-STICKY

policy-map multi-match EXCHANGE_POL

  class EXCHANGE-VIP

    loadbalance vip inservice

    loadbalance policy EXCHANGE-VIP

    loadbalance vip icmp-reply

NB: Only rsever EXCHANGE001 is active in the serverfarm.

Hi Edgar,

Try to configure a nat-pool in the interface VLAN using the VIP, like this:

nat-pool 1 10.2.3.100 10.2.3.100 netmask 255.255.255.0 pat

Then apply that nat-pool to the policy multi-match

policy-map multi-match EXCHANGE_POL

  class EXCHANGE-VIP

    loadbalance vip inservice

    loadbalance policy EXCHANGE-VIP

    loadbalance vip icmp-reply

    nat dynameic 1 vlan XX

--------------------- Cesar R ANS Team
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: