Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
537
Views
5
Helpful
3
Replies

Need basic understand the Traffic flow between Cisco ISE <--> SMTP

ricky.kocharekar@orange.com
Level 1
Level 1

‎11-08-2022 08:46 PM - edited ‎11-08-2022 11:17 PM

Need a basic understanding of the Traffic flow between Cisco ISE <-> SMTP.

0 Helpful
3 Replies 3

Rob Ingram
VIP
VIP

‎11-09-2022 12:14 AM

ricky.kocharekar@orange.com refer to this guide, which lists which nodes communicate using SMTP and for what function/service.

https://www.cisco.com/c/en/us/td/docs/security/ise/2-7/InstallGuide27/b_ise_InstallationGuide27/b_ise_InstallationGuide27_chapter_0110.html

On ISE you could run tcpdump to take a packet capture - filter on tcp/25 or smtp server IP address and generate traffic - this will confirm the traffic flow.

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame

‎11-09-2022 12:17 AM

We are not sure what is the context here, ISE uses SMTP (or SMTP relay to send emails) depending on setup, it uses Port 25 by default. (if you looking SMTP Flow, it just like any other client who try to access SMTP EHLO--250---bla--bla---quit ---221)

if you looking for config check below :

https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/216187-configure-secure-smtp-server-on-ise.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

thomas
Cisco Employee
Cisco Employee

‎11-09-2022 03:02 PM

This would be the authority on SMTP: https://www.rfc-editor.org/rfc/rfc5321.html

 

Customers Also Viewed These Support Documents