09-07-2020 01:03 AM
Hi All,
we've got 2 cisco esa c600v on a cluster and if i telnet port 25 i've got the smtp wellcome banner and everything related, we've also a test appliance, same network, same firewall rules, with an outbound listener configured listening on port 25, but if i do telnet on this last one i do not have the wellcome banner but only cmd black screen, as it is connected but the ESA is rejecting or closing this connection in some way.
Could someone please give me an advice?
Thanks
Salvatore
09-07-2020 01:24 AM
Couple things not clear ?
1. what is the IP address of Test ESA, ?
2. is ESA lconfigured to listen port 25., check on the ESA
Confirm what port your listener is configured on for your ESA from Network > Listeners on the GUI, or listenerconfig on the CLI.
3. check is ther any way you can test from same network (by pass Firewall ?).
4. what you see on FW when you intiate the telnet ESAIP 25 ? do you see the request coming to FW and allowed ?
09-07-2020 02:43 AM
Hi,
ok, i try to clarify:
1. we try to telnet to the outbound (not management) ip of the ESA which has a listener correctly configured on listening port 25
2. i do a test telnetting itself and it is working
3. on firewall logs we have "server reset" from the appliance
Thanks
Salvatore
09-07-2020 03:19 PM
Hello Salvatore,
I have some quick questions, is that a private listener where you're trying to connect and somehow the connection is being rejected? If so, you may need to track the connection on the mail_logs and see what's the sender group where the connection is hitting. By default, when you create a new private listener, the RELAYLIST gets created and there's also another sender group by default, it's called "ALL" which some times is associated to the "REJECTED" mail flow policy, meaning that connections that does not hit the RELAYLIST sender group will fall into the ALL sender group and hence, they will be rejected.
Anyways, tracking the connection attempt on the mail_logs will help you determine the reason why you're not able to connect.
I'm attentive to any comments.
Regards,
Cristian Rengifo
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide