Unable to resolve in Cisco ASA.

vikrammurudkar7589 · ‎03-16-2021

Hi everyone,

I'm facing an issue when I try to get a telnet access to the smtp.gmail.com for port 465 & 587 using FQDN. I did everything correct right from making objects, service types for port & access-list for the same.

When I use IP Address instead of the FQDN, the telnet access is successful.

It's the same thing for the IMAP & POP.

Checked the nslookup on the cmd, it's working perfectly with the proper resolution of the same.

The DNS server configured on the Cisco ASA is proper.

What can be an issue? Can anyone help on this?

Thanks & Regards,

Vikram K Murudkar.

Spooster IT Services · ‎03-16-2021

Hello @vikrammurudkar7589,

When you are saying telnet is not working using FQDN, are you telnetting from an internal/LAN host? If yes who is the DNS server for that host? Have you tried to ping from the same and see if name resolution is working?

***Please rate all helpful posts***

Spooster IT Services Team

balaji.bandi · ‎03-16-2021

Checked the nslookup on the cmd, it's working perfectly with the proper resolution of the same.

nslookup on ASA or from your end device - the FQDN need to resolved by ASA - try below

Make sure ASA resolve the DNS before you configure SMTP,

dns domain-lookup outside
dns name-server 8.8.8.8 4.2.2.2 
ping smtp.gmail.com

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

vikrammurudkar7589 · ‎03-19-2021

Hi Balaji,

Thanks for the reply.

Will be checking it out once downtime gets available & update you once done.

Regards,

Vikram.