cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
409
Views
0
Helpful
4
Replies

Sending E-mail slow through PIX 501

csuser
Level 1
Level 1

After installing a PIX 501 Firewall at a client, they are complaining that when they send e-mail from Outlook Express 6 that a message displays for 30 - 60 seconds stating that is Connecting to the Server. The e-mail does send correctly after this delay. This happens on all PC's behind the firewall and for all sizes of e-mails. Before the Firewall, everything was fine. E-mails sent instantaneously.

Does anyone know what may be happening?

4 Replies 4

gfullage
Cisco Employee
Cisco Employee

Do you have the SMTP fixup turned on in the PIX. This will stop the ESMTP and could be causing the delay you're seeing (as Outlook times out waiting then tries just standard SMTP). Do the following (if you haven't already):

no fixup protocol smtp 25

and see how that goes.

Hi,

Thanks for the reply.

It seemed to help some. By this I mean that the e-mail seems to be taking less than 30 seconds now but it still doesn't send instantaneously.

Any other ideas?

rgrcommo
Level 1
Level 1

Is your PIX filtering smtp port 113 traffic?

The smtp server will sometimes send a request to the user to identify himself. The request uses IDENT service running on port 113. If you have not explicitly allowed this traffic the PIX will deny it and the connection will be either very slow or timeout - you can either allow this 113 on the PIX or turn off IDENT on the smtp server.

using the fixup smtp command will allow: HELO, MAIL, RCPT, DATA, RSET, NOOP, and QUIT to pass thru.

Hope this helps.

Jeff

bmuha
Level 1
Level 1

may want to try this also

service resetinbound

--Brian

Review Cisco Networking for a $25 gift card