I have an ISR 2811 which acts as an Internet gateway. This router has a primary Internet connection through a Fast Ethernet interface and a secondary one through an ADSL interface. The router has been configured for inbound and outbound IP inspection on both WAN interfaces. The same inbound access list is already in place on both WAN interfaces, permitting only HTTP/HTTPS inbound traffic to our web servers and denying all other inbound traffic. All outbound traffic through this router is permitted as well. I have also already configured policy-based routing on this router with a relevant route policy, pushing the outbound traffic from a specific IP address (X) through the secondary ADSL link and not through the primary Ethernet link that the other intranet users use as the primary Internet path. There is also a static PAT for this X IP address, which uses the public IP address of the dialer associated with the ADSL interface.
What is the problem now? When the user (X IP address) tries to connect to a public POP3/SMTP server, the connection never gets established. When the same user is routed through the Ethernet interface (PBR disabled), the POP3 connection is fine. Again, with PBR enabled, when the same user makes a telnet connection to port 25 on the same public server, the connection is fine. Trying to telnet to port 110, the connection fails. From the log messages I noticed that the POP3 connection never gets established because the returned traffic is blocked by the inbound WAN access list on the ADSL interface. However, I cannot understand the reason! Please note again that the two WAN interfaces have the same characteristics regarding CBAC and ACLs. The only difference is the PAT on the secondary interface. Also note that the X IP address has unlimited outbound Internet connectivity and everything works fine except the POP3 traffic.
Can anyone confirm that POP3 traffic should work fine, or is something going on here with CBAC and PAT enabled?
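For anyone trying to reproduce the setup described in the post, the following is an added example configuration, reconstructed from the description above; it is not the poster's running configuration and it does not claim to identify the cause of the POP3 failure. It puts together the pieces the post names: CBAC inspection in both directions on each WAN interface, the shared inbound ACL that permits only HTTP/HTTPS to the web server, the PBR route map for host X, and the PAT onto the Dialer interface. Interface names, the inspect rule name, the addresses (192.168.1.50 for X, 203.0.113.10 for the web server, RFC 5737 documentation ranges for public addresses) and the exact form of the PAT statement are all assumptions, since the post does not give them.

```cisco
! Added example: reconstructed from the post's description, not the poster's config.
! All names and addresses below are assumptions.

! CBAC inspection rule. Generic TCP/UDP inspection means any outbound session,
! including POP3 on tcp/110, gets a temporary return-traffic entry in the inbound ACL.
ip inspect name FW tcp
ip inspect name FW udp

! Shared inbound ACL applied to both WAN interfaces: only HTTP/HTTPS to the web server.
! CBAC inserts its dynamic permits ahead of these static lines for inspected sessions.
ip access-list extended WAN-IN
 permit tcp any host 203.0.113.10 eq www
 permit tcp any host 203.0.113.10 eq 443
 deny   ip any any log

! Traffic selector for PBR and PAT: only host X (assumed 192.168.1.50).
access-list 110 permit ip host 192.168.1.50 any

! PBR route map: send X's outbound traffic over the ADSL dialer.
route-map PBR-X permit 10
 match ip address 110
 set interface Dialer0

! LAN interface: PBR is applied where X's packets enter the router.
interface FastEthernet0/1
 description LAN
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
 ip policy route-map PBR-X

! Primary WAN: inbound ACL plus inspection in both directions.
interface FastEthernet0/0
 description Primary Internet
 ip address 198.51.100.2 255.255.255.252
 ip access-group WAN-IN in
 ip inspect FW in
 ip inspect FW out

! Secondary WAN (ADSL dialer): same ACL and inspection; the only difference is NAT.
! PPP encapsulation and dialer-pool settings are omitted here.
interface Dialer0
 description Secondary Internet (ADSL)
 ip address negotiated
 ip nat outside
 ip access-group WAN-IN in
 ip inspect FW in
 ip inspect FW out

! PAT for host X onto the dialer's public address. The post calls this a "static PAT";
! the list-based overload form is used here as an assumption about its shape.
ip nat inside source list 110 interface Dialer0 overload
```

To see what the router is actually doing with the failing flow, run `show ip inspect sessions` on the router while X attempts the POP3 connection over each path: an inspected tcp/110 session should appear for the Dialer0 path just as it does for the FastEthernet0/0 path, and `show ip access-lists WAN-IN` should then show the dynamically added permit for the return traffic. If the session is missing only on the dialer path, `show ip nat translations` and `debug ip inspect tcp` narrow down whether the packet reached inspection with the expected translated address. The post itself does not establish which of these is happening.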