
Problem linux client SMTP

bagnolini
Level 1

I have a strange problem with SMTP on a Linux machine. This is the architecture:

- Router 877 with ADSL

- Windows clients are able to send and receive email

- Linux clients are only able to receive mail (not send)

This is the config:

no service pad

service tcp-keepalives-in

service tcp-keepalives-out

service timestamps debug datetime msec localtime show-timezone

service timestamps log datetime msec localtime show-timezone

no service password-encryption

!

hostname ADSL-Log80

!

boot-start-marker

boot system flash c880data-universalk9-mz.152-2.T.bin

boot-end-marker

!

!

logging buffered 52100 warnings

enable secret 5 $1$/Ej2$ughU.MiSCui0hKYELT8pv0

!

aaa new-model

!

!

aaa authentication login default local

aaa authorization exec default local

!

!

!

!

!

aaa session-id common

memory-size iomem 10

clock timezone CET 1 0

clock summer-time CEST recurring last Sun Mar 2:00 last Sun Oct 3:00

ip auth-proxy max-login-attempts 5

ip admission max-login-attempts 5

!

!

!

!

!

ip inspect name Firewall dns

ip inspect name Firewall ftp

ip inspect name Firewall h323

ip inspect name Firewall https

ip inspect name Firewall icmp

ip inspect name Firewall imap

ip inspect name Firewall netshow

ip inspect name Firewall rcmd

ip inspect name Firewall realaudio

ip inspect name Firewall rtsp

ip inspect name Firewall esmtp

ip inspect name Firewall sqlnet

ip inspect name Firewall streamworks

ip inspect name Firewall tftp

ip inspect name Firewall tcp

ip inspect name Firewall udp

ip inspect name Firewall vdolive

ip inspect name Firewall sip

ip inspect name Firewall sip-tls

ip cef

no ipv6 cef

!

!

license udi pid CISCO887-K9 sn FCZ154693WD

license accept end user agreement

!

!

!

no spanning-tree vlan 1

vtp mode transparent

username administrator privilege 15 password 0 log80

!

!

!

!

!

!

!

!

!

!

!

!

!

!

interface BRI0

no ip address

encapsulation hdlc

shutdown

isdn termination multidrop

!

interface ATM0

description Adsl-Telecom

no ip address

no atm ilmi-keepalive

!

interface ATM0.1 point-to-point

no ip redirects

no ip unreachables

no ip proxy-arp

ip flow ingress

pvc 8/35

  pppoe-client dial-pool-number 1

!

!

interface FastEthernet0

no ip address

spanning-tree portfast

!

interface FastEthernet1

no ip address

spanning-tree portfast

!

interface FastEthernet2

no ip address

spanning-tree portfast

!

interface FastEthernet3

no ip address

spanning-tree portfast

!

interface Vlan1

description LAN Interna

ip address 172.28.98.4 255.255.255.0 secondary

ip address 192.168.17.1 255.255.255.0

ip access-group INSIDE in

ip nat inside

ip virtual-reassembly in

!

interface Dialer0

ip address 109.238.xx.xx 255.255.255.254

ip access-group OUTSIDE in

no ip redirects

no ip unreachables

no ip proxy-arp

ip flow ingress

ip nat outside

ip inspect Firewall out

ip virtual-reassembly in

encapsulation ppp

dialer pool 1

dialer-group 1

ppp authentication chap pap callin

ppp chap hostname xxxxxxx

ppp chap password 0 yyyyyyy

ppp pap sent-username xxxxxxx password 0 yyyyyy

!

ip forward-protocol nd

ip http server

ip http authentication local

ip http secure-server

ip http path flash:

!

ip nat inside source static tcp 192.168.17.2 22 interface Dialer0 22

ip nat inside source static tcp 192.168.17.2 80 interface Dialer0 80

ip nat inside source static tcp 192.168.17.2 443 interface Dialer0 443

ip nat inside source route-map NONAT interface Dialer0 overload

ip route 0.0.0.0 0.0.0.0 Dialer0

!

ip access-list extended INSIDE

remark Block Outbound

deny   ip any 69.63.176.0 0.0.0.255

deny   ip any 66.220.0.0 0.0.255.255

deny   ip any 66.171.224.0 0.0.31.255

deny   ip any host 78.46.67.20

permit ip any any

ip access-list extended OUTSIDE

permit ip 195.234.232.0 0.0.3.255 any

permit tcp any host 95.254.31.202 eq www

permit tcp any host 95.254.31.202 eq 22

permit tcp any host 95.254.31.202 eq 443

permit tcp any host 109.238.18.20 eq www

permit tcp any host 109.238.18.20 eq 22

permit tcp any host 109.238.18.20 eq 443

!

access-list 2 permit 192.168.235.28

access-list 2 remark Gestione Accessi Telnet

access-list 2 permit 195.234.232.0 0.0.3.255

access-list 2 permit 192.168.13.0 0.0.0.255

access-list 2 permit 192.168.17.0 0.0.0.255

access-list 2 permit 172.28.98.0 0.0.0.255

access-list 110 remark Gestione Nat verso Internet

access-list 110 permit ip 192.168.13.0 0.0.0.255 any

access-list 110 permit ip 192.168.17.0 0.0.0.255 any

!

route-map NONAT permit 10

match ip address 110

!

snmp-server community public RO

snmp-server ifindex persist

!

!

Accepted Solutions

paolo bevilacqua
Hall of Fame

int vlan 1

 ip tcp adjust-mss 1452

Also you don't need access group when using NAT.
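
Added example (not part of the original thread or of Cisco's tooling): a small Python lint that reads an IOS running-config, detects a PPPoE uplink, and reports LAN interfaces that lack the MSS clamp suggested in the accepted solution. The value 1452 is 1500 minus 8 bytes of PPPoE/PPP overhead minus 40 bytes of IPv4 and TCP headers. The function names, the embedded sample config and the use of `ip nat inside` to identify LAN-facing interfaces are assumptions made for this example.

```python
import re

PPPOE_OVERHEAD = 8     # PPPoE header (6 bytes) + PPP protocol field (2 bytes)
IP_TCP_HEADERS = 40    # IPv4 (20 bytes) + TCP (20 bytes), no options

# Constructed sample: trimmed interface stanzas modelled on the posted config.
SAMPLE_CONFIG = """\
interface ATM0.1 point-to-point
 pvc 8/35
  pppoe-client dial-pool-number 1
!
interface Vlan1
 ip address 192.168.17.1 255.255.255.0
 ip nat inside
!
interface Dialer0
 ip nat outside
 encapsulation ppp
 dialer pool 1
!
"""

def parse_interfaces(config):
    """Return {interface name: [sub-commands]}; a stanza ends at a '!' line."""
    stanzas, current = {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if line.startswith("interface "):
            current = line.split(None, 1)[1]
            stanzas[current] = []
        elif line == "!":
            current = None
        elif line and current is not None:
            stanzas[current].append(line)
    return stanzas

def missing_mss_clamp(config, link_mtu=1500):
    """List (interface, suggested MSS) for NAT-inside interfaces without a clamp."""
    stanzas = parse_interfaces(config)
    cmds_all = [c for cmds in stanzas.values() for c in cmds]
    pools = {m.group(1) for c in cmds_all
             if (m := re.fullmatch(r"pppoe-client dial-pool-number (\d+)", c))}
    dialers = [m.group(1) for c in cmds_all
               if (m := re.fullmatch(r"dialer pool (\d+)", c))]
    if not pools.intersection(dialers):
        return []  # no dialer bound to a PPPoE pool, nothing to check
    mss = link_mtu - PPPOE_OVERHEAD - IP_TCP_HEADERS
    # IOS spells the command "ip tcp adjust-mss <bytes>".
    return [(name, mss) for name, cmds in stanzas.items()
            if "ip nat inside" in cmds
            and not any(c.startswith("ip tcp adjust-mss") for c in cmds)]
```

Because stanzas are delimited by `!` lines and not by indentation, the check also works on a config pasted with its indentation stripped.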
