09-12-2012 05:13 AM
I am having problems with the SMTP/ESMTP connection to MS Exchange 2010 server when going via the ACE VIP. I have also tested with a serverfarm containing a single entry (1 exchange box configured) and still get the same problem. Not sure if there are any connection parameters I need to change.
ACE Software
loader: Version 12.2[120]
system: Version A2(3.5) [build 3.0(0)A2(3.5)]
Problem
- clients fail to connect to SMTP/ESMTP when making the connections through the VIP but works when connecting direct to the servers.
- telnet session to the ports behave differently
- sessions direct to the servers work fine (initiated either from the client PC or ACE)
$ telnet SERVER_IP 25 or 587
Trying SERVER_IP...
Connected to …
Escape character is '^]'.
220 mail.server.xyz Microsoft ESMTP MAIL Service ready at Wed, 12 Sep 2012 13:32:48 +0200
helo
250 mail.server.xyz Hello [CLIENT_IP]
quit
221 2.0.0 Service closing transmission channel
- sessions to the VIP do not show any output. However, I get an out put after I enter a string and press enter
$ telnet SERVER_IP 25 or 587
Trying SERVER_IP...
Connected to mail.server.xyz (SERVER_IP).
Escape character is '^]'.
helo
220 mail.server.xyz Microsoft ESMTP MAIL Service ready at Wed, 12 Sep 2012 13:46:18 +0200
250 mail.server.xyz Hello [CLIENT_IP]
quit
221 2.0.0 Service closing transmission channel
Connection closed by foreign host.
$
$
$ telnet SERVER_IP 25 or 587
Trying 137.158.154.100...
Connected to mail.server.xyz (SERVER_IP).
Escape character is '^]'.
jshskjs
220 mail.server.xyz Microsoft ESMTP MAIL Service ready at Wed, 12 Sep 2012 13:46:34 +0200
500 5.3.3 Unrecognized command
quit
221 2.0.0 Service closing transmission channel
Connection closed by foreign host.
It seem the ACE is not passing smtp/esmtp connection requests to the server but works fine for other ports when passing through the VIP.
09-12-2012 01:23 PM
Hi Edgar,
Can you please paste the configuration you ahve for this VIP
09-13-2012 02:04 AM
Simple config...
rserver host EXCHANGE001
ip address 10.2.3.101
probe PING_EXCHANGE
inservice
rserver host EXCHANGE002
ip address 10.2.3.102
probe PING_EXCHANGE
rserver host EXCHANGE003
ip address 10.2.3.103
probe PING_EXCHANGE
rserver host EXCHANGE004
ip address 10.2.3.104
probe PING_EXCHANGE
serverfarm host EXCHANGE
description EXCHANGE SERVERS
predictor hash address
probe PR-EXCHANGE-HTTPS
rserver EXCHANGE001
inservice
rserver EXCHANGE002
rserver EXCHANGE003
rserver EXCHANGE004
class-map match-all EXCHANGE-VIP
10 match virtual-address 10.2.3.100 tcp any
sticky ip-netmask 255.255.255.255 address both EXCHANGE-STICKY
timeout 20
replicate sticky
serverfarm EXCHANGE
policy-map type loadbalance first-match EXCHANGE-VIP
class class-default
sticky-serverfarm EXCHANGE-STICKY
policy-map multi-match EXCHANGE_POL
class EXCHANGE-VIP
loadbalance vip inservice
loadbalance policy EXCHANGE-VIP
loadbalance vip icmp-reply
NB: Only rsever EXCHANGE001 is active in the serverfarm.
09-13-2012 03:13 PM
Hi Edgar,
Try to configure a nat-pool in the interface VLAN using the VIP, like this:
nat-pool 1 10.2.3.100 10.2.3.100 netmask 255.255.255.0 pat
Then apply that nat-pool to the policy multi-match
policy-map multi-match EXCHANGE_POL
class EXCHANGE-VIP
loadbalance vip inservice
loadbalance policy EXCHANGE-VIP
loadbalance vip icmp-reply
nat dynameic 1 vlan XX
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide