Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
677
Views
0
Helpful
2
Replies

SMTP PROBLEM

soumik1979
Level 1
Level 1

‎09-22-2010 09:05 AM - edited ‎03-11-2019 11:43 AM

Dear all

i am a network administrator of a small comp.Today we have faced a strange Problem

                         Internet leased line------------  Router---- catalystswitch -----External Servers and IP devices

                                                                          |         |                                                  

                                                                          |         |                                                   

                                                                          |         |

                                                      Cyberoam UTM       |

                                                                          |         |

                                                                          |         |

                                        Lan internet and mail users     |

                                                                                     |

                                                                                ASA 5510

                                                                                      |

                                                                                      |

                                                                 Lan high end users and servers internet access

Every thing was working fine.But today I fond that our mail users are unable to send mail.They can receive mail, but unable to send.I checked that telnet mail.domainname.com 25 was not connecting from any of the lan users who have gateway as asa 55510 Ip or cyberoam IP.But when I telnet from a external server, it was working.No conf change was done recently.Some how both of my firewalls deny the smtp traffic.Can any body help me regarding that.

Please help me .If you want any more feedback plz let me know.

Labels:
0 Helpful
2 Replies 2

mirober2
Cisco Employee
Cisco Employee

‎09-22-2010 09:49 AM

Hello,

If the ASA is blocking the traffic, you can check the syslogs to find out the reason. You can also use the packet-tracer command to see why the traffic would be dropped:

packet-tracer in inside tcp 12345 25

Interface and ASP drop captures on the ASA may also help you see why the connection is failing. Here is a guide that describes how to setup captures on the ASA:

https://supportforums.cisco.com/docs/DOC-1222

Hope that helps.

-Mike

0 Helpful

nseshan
Level 1
Level 1
In response to mirober2

‎09-23-2010 10:07 AM

As Mike has rightly pointed out, that you need to apply packet captures to actually check whether the traffic for port 25 is reaching the firewall itself from the internal LAN. If it is, the you need to apply captures on the external interface to check if it is leaving the firewall. Also, we could check if you firewall is inspecting smtp traffic and whether the inspection is causing issues. To check this, you can issue the command "sh run policy-map" and "sh service-policy". It would be good if you could attach those outputs to this string.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card