cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1108
Views
0
Helpful
12
Replies

Firewalling&__MicrosoftOutlook

secureIT
Level 4
Level 4

Hi Security team,

Its very strange to say that microsoft outlook is not function because of firewall. Hopefully it should not !! but what happens is - mails are not getting downloaded or sent via outlook express from Local Lan. With the same outlook configuration and when Datacard is being used, it works perfectly.

Attaching the error message and firewall configuration

NB-Public ips configured are not the real ips ..

webmail is working from the local lan& only outlook is not !!!

Pls help !!

regards

Rajesh P

12 Replies 12

Farrukh Haroon
VIP Alumni
VIP Alumni

Where is the email server and clients? (Zone) What are the IPs?

Regards

Farrukh

Hi,

mail server is outside the firewall (not in this network), its a public server. clients are from Inside (192.168.4.0)

regards

Rajesh P

oldcreek12
Level 1
Level 1

I would turn off smtp inspection before try anything else.

Its already turned off

no inspect esmtp

secureIT
Level 4
Level 4

Hi Team -- Can anyone help me out on this please...

regards

Rajesh P

static (dmz,inside) 10.10.10.10 10.10.10.10 netmask 255.255.255.255

The mail server is not in DMZ/Inside. Its a public mail server which is located outside the network.

We can skip thinking of DMZ in this scenario..

So are you using MS Exchange ports or SMTP/POP3? If Exchange, could ISP be blocking ports? What's the "Datacard" and why does this work when using it? Could you setup VPN with mail server/mail server's network?

I have resolved the problem by myself...

I have connected the laptop directly to the modem with the ip address as that of firewall public ip. Then i was able to access mails thru outlook..

This means it needs a public ip..

So, I did a PAT for the entire Local Lan segment. Now outlook is working fine without any problem.

New problem is that, for machines configured as DHCP are not able to receive mails. where are those with static does not have any problem.

Earlier i had configured PAT only for Proxy servers, because, client should access internet thru only proxy.

Anyways my problem is resolved.

Maybe this session will helpful for others...

Thanks to All who participated in this session...

regars

Rajesh P

rajesh.pvk3@gmail.com

Well OWA would use the proxy server as it is accessed through the web browse, the Outlook client does not use the proxy server (at least by default). You could setup RPC over HTTPS if you want to use the proxy.

DHCP clients will also work, your current NAT statements only allow NAT/PAT for one IP:

access-list 128 extended permit ip host 192.168.4.250 any

Regards

Farrukh

Now it is

access-list 128 extended permit ip 192.168.4.0 255.255.255.0 any

But still dhcp configured machines are not receiving the mails properly..

once made to static, it works....

The DHCP client pool = what?

Regards

Farrukh

Review Cisco Networking for a $25 gift card