Re: ASA: ASA5505 shuts down internet access to mail server ip address

MartyG · ‎02-20-2018

I have an Exchange server running on a LAN on the Inside Interface. Recently a new build of GFI MailEssentials (running on the mail server) caused internet connectivity to fail on that server stopping email flow. I can ping other machines on the LAN but can't ping anything on the Outside Interface/Internet from the mail server.

GFI declares that their updater does not use any special protocols and only downloads updates via port 80/443 - HTTP/HTTPS which of course are open on the 5506 firewall.

Question: If the GFI product is also using passive FTP could that trigger the IP to be shut down? Blocking access from the mail server to the Internet? is that the normal behavior of this device?

Thanks - Marty

johnd2310 · ‎02-20-2018

Hi,

Does not seem like normal behavior unless the firewall does not like the traffic from the mail server.

Seems to be a problem between the firewall and mail server. Is the ASA logging any errors? Can the firewall ping the mail server? Have you checked routing on the server(route print)? Is the firewall allowing traffic from the mail server(packet-tracer input INSIDE tcp "ip of mail server" 25 "destination ip " 25 detailed).

Thanks

John

**Please rate posts you find helpful**

MartyG · ‎02-20-2018

The DNS running on both of the DCs seems to go haywire too. I end up having to rebuild everything mainly because I don't have the knowledge to restore from my backups.