cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
707
Views
10
Helpful
5
Replies

DNA Center 1.3.3.4 Email Configuration Error

Why isn´t possible to configure an Office 365 SMTP Auth User to the Cisco DNA Center? Every time I have tried to config the user and tried to send an test mail I got the error message (Email Configuration Test Failed). 

 

I have used following settings: 

 

hostname: smtp.office365.com

port:25 and 587 (both ports are unblocked)

 

are there other things to consider?

5 REPLIES 5
Preston Chilcote
Cisco Employee

May be a bug.  What version of Cisco DNA are you on?

 

At the moment we are using 1.3.3.4. 

According to the Cisco DNA Center Platform user guide, release 1.3.3.0, DNA Center only supports clear text SMTP and does not support SSL/TLS.

 

"Emails are sent out from Cisco DNA Center using the SMTP protocol. Additionally, Cisco DNA Center only supports clear text SMTP for email event notifications. If you use an email server that requires SSL/TLS support, you will not be able to receive the email event notifications"

 

From my understanding, smtp.office356.com permits access on both TCP ports 587 and 25, however both require TLS1.2 support. See below including some possible workarounds.

 

https://docs.microsoft.com/en-us/exchange/mail-flow-best-practices/how-to-set-up-a-multifunction-device-or-application-to-send-email-using-office-3

 

I'm currently looking into this myself for a customer so I will let you know what I find

 

The problem is that Office365 is the only possibility we have. So it would be very bad to use the DNA Center without the mail option. 

 

Thank you very much!

If you still have an on-prem Exchange server running you could relay via that, by submitting to that in clear and then having the Exchange connector forward the mail to Exchange online.

 

Of course if your organisation isn't running in hybrid mode then another option would be to setup a SMTP relay server on-prem that can accept in clear then submit to Exchange Online leveraging TLS, IIS on Windows servers is perfect for this.

 

You might well have such a setup already if you've got other devices like MFDs, smart meters, legacy clients/apps that cannot support TLS.

 

Hope this helps.