06-22-2010 02:56 AM - edited 03-11-2019 11:02 AM
I have a 2811 router with an IOS Firewall and I'm trying to enable smtp through. I've added smtp to the access lists but no joy. I even disabled the access lists and applied one with permit tcp any any and still no joy. I'm suspecting the ip inspect list of which I know nothing but I'll post the config here:
ffmrouter#sho ip inspect config
Dropped packet logging is enabled
Session audit trail is disabled
Session alert is enabled
one-minute (sampling period) thresholds are [400:500] connections
max-incomplete sessions thresholds are [400:500]
max-incomplete tcp connections per host is 50. Block-time 0 minute.
tcp synwait-time is 30 sec -- tcp finwait-time is 5 sec
tcp idle-time is 3600 sec -- udp idle-time is 30 sec
dns-timeout is 5 sec
Inspection Rule Configuration
Inspection name SDM_HIGH
icmp alert is on audit-trail is off timeout 10
pop3 reset is on alert is on audit-trail is off timeout 3600
tcp alert is on audit-trail is off timeout 3600
udp alert is on audit-trail is off timeout 30
https alert is on audit-trail is off timeout 3600
Application Policy name SDM_HIGH
Application http
strict-http action allow alarm
port-misuse tunneling action reset alarm
myrouter#
I tried removing the policy from the inide and outside interfaces but lost internet access! Can anyone tell me how I can debug this, or am I barking up the wrong tree?
Regards
Egg
06-22-2010 03:09 AM
Do you mind sharing your running configuration?
I don't see inspection for SMTP configured as per "show ip inspect config" output posted earlier.
06-22-2010 03:17 AM
Yeah hang on...I'll clean it up a bit. I thought of that and tried putting that in but it didnt work so I took it out again so that it was as I found it. Thanks for the prompt reply.
06-22-2010 05:59 AM
Oh hang on! I've sussed it. it was nothing to do with that. there was an old nat statement pointing at an old exchange server.
Thanks for your interest.
Regards
Egg
06-22-2010 06:03 AM
Excellent to hear it's now working. Thanks for your update.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide