Solved: Email syslog message on ASA 5555-X

Jeff Horton · ‎09-14-2022

Is there a specific interface ip address the Cisco ASA uses when sending out email notifications (internal port, management port)?

MHM Cisco World · ‎09-18-2022

May be I not clear my above comment, you can config the interface ASA use to connect to Server as example below 

ciscoasa
(config)#
 smtp-server management 10.1.1.24 outside 10.1.1.34

so in above example we can use management interface to connect to primary server and use outside to connect to secondary server.
you just make sure that the interface you select can reach the server.

View solution in original post

MHM Cisco World · ‎09-14-2022

smtp-server [ primary-interface ] primary-smpt-server-ip-address [[ backup-interface ] backup-smpt-server-ip-address ]

""If no interface is provided, ASA would refer to management routing table lookup, and if no proper route entry is present, it would look at the data routing table.""

Jeff Horton · ‎09-16-2022

I have all of that setup. I was just wondering if my mail relay server, that sits out via the external port of the firewall, would see the external port ip address when the firewall tries to send email when an alert is generated?

Other way to describe it would be, if I am only allowing certain systems to send email via the relay server what ip address would I need to allow if the email is coming from the firewall itself?

MHM Cisco World · ‎09-18-2022

May be I not clear my above comment, you can config the interface ASA use to connect to Server as example below 

ciscoasa
(config)#
 smtp-server management 10.1.1.24 outside 10.1.1.34

so in above example we can use management interface to connect to primary server and use outside to connect to secondary server.
you just make sure that the interface you select can reach the server.

Jeff Horton · ‎09-20-2022

Thank you. That helps a bunch.