Problem with sending and receiving email through the Edge router

mrahman0302
Level 1

Hi,

One of my customers is having a problem with sending and receiving email from an external email server. It used to work but started having problems recently, and the router configuration was not changed. The email hosting company and the WAN service provider have verified that they don't see any errors on their end. If we bypass the router, it works fine.

Here is the config:

version 12.3
no service pad
service timestamps debug datetime msec localtime
service timestamps log datetime msec localtime
service password-encryption
service sequence-numbers
!

boot-start-marker
boot-end-marker
!
logging buffered 51200 debugging
logging console critical

clock timezone EST -5
clock summer-time EDT recurring
no aaa new-model
ip subnet-zero
no ip source-route
ip cef
!
!
ip inspect max-incomplete high 1200
ip inspect max-incomplete low 1000
ip inspect name fw1 tcp
ip inspect name fw1 udp
ip inspect name fw1 ftp
ip inspect name fw1 icmp
ip inspect name chkftp ftp
no ip bootp server
ip ssh time-out 60
ip ssh authentication-retries 2
ip ssh version 1
no ftp-server write-enable
!
interface FastEthernet0
 no ip address
 no cdp enable
!
interface FastEthernet1
 no ip address
 no cdp enable
!
interface FastEthernet2
 no ip address
 no cdp enable
!
interface FastEthernet3
 no ip address
 no cdp enable
!
interface FastEthernet4
 description Internet via Allstream
 ip address X.X.X.X 255.255.255.252
 ip access-group inbound in
 ip verify unicast reverse-path
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip inspect chkftp in
 ip inspect fw1 out
 ip nat outside
 ip virtual-reassembly max-fragments 64
 speed 100
 full-duplex
 no cdp enable
!
interface Vlan1
 description LAN
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 ip route-cache flow
!
ip classless
ip route 0.0.0.0 0.0.0.0 X.X.X.Y
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 600 life 86400 requests 10000
ip nat translation timeout never
ip nat translation tcp-timeout never
ip nat translation dns-timeout never
ip nat inside source list 1 interface FastEthernet4 overload

ip access-list extended inbound
 permit tcp any host X.X.X.A eq 1723
 permit tcp any host X.X.X.B eq 3389
 permit gre any host X.X.X.C
 permit tcp any host X.X.X.D eq www
 permit tcp any host X.X.X.55 eq www
 permit tcp any host X.X.X.55 eq ftp
 permit tcp any host X.X.X.55 eq 22
 permit tcp any host X.X.X.56 eq www
 permit icmp any any echo
 permit icmp any any echo-reply
 permit icmp any any time-exceeded
 permit icmp any any unreachable
!
logging trap debugging
access-list 1 remark NAT Filter
access-list 1 permit 192.168.1.0 0.0.0.255
no cdp run
!
control-plane
!

Does anybody have any idea about this issue? I would appreciate any help with this.

Thanks.

3 Replies

mrahman0302
Level 1

I am getting the following errors on the router:

000060: Nov 10 13:00:10.614: %FW-4-ALERT_ON: getting aggressive, count (1/3000) current 1-min rate: 501
000061: Nov 10 13:00:25.998: %FW-4-ALERT_OFF: calming down, count (0/2500) current 1-min rate: 399

I did increase ip inspect max-incomplete high to 3000 to see if that takes care of the above error, but no luck. I also ran sh ip traffic; here is the output:

IP statistics:
  Rcvd:  7258839 total, 12187 local destination
         0 format errors, 0 checksum errors, 1993 bad hop count
         0 unknown protocol, 253 not a gateway
         0 security failures, 0 bad options, 398 with options
  Opts:  0 end, 0 nop, 0 basic security, 0 loose source route
         0 timestamp, 0 extended security, 0 record route
         0 stream ID, 0 strict source route, 398 alert, 0 cipso, 0 ump
         0 other
  Frags: 0 reassembled, 0 timeouts, 0 couldn't reassemble
         0 fragmented, 2 couldn't fragment
  Bcast: 6048 received, 0 sent
  Mcast: 0 received, 0 sent
  Sent:  35522 generated, 3629524 forwarded
  Drop:  121 encapsulation failed, 10 unresolved, 0 no adjacency
         27 no route, 27 unicast RPF, 197 forced drop
         0 options denied
  Drop:  0 packets with source IP address zero
  Drop:  0 packets with internal loop back IP address

ICMP statistics:
  Rcvd: 0 format errors, 0 checksum errors, 0 redirects, 0 unreachable
        742 echo, 0 echo reply, 0 mask requests, 0 mask replies, 0 quench
        0 parameter, 0 timestamp, 0 info request, 0 other
        0 irdp solicitations, 0 irdp advertisements
  Sent: 0 redirects, 10 unreachable, 0 echo, 745 echo reply
        0 mask requests, 0 mask replies, 0 quench, 0 timestamp
        0 info reply, 7 time exceeded, 0 parameter problem
        0 irdp solicitations, 0 irdp advertisements

TCP statistics:
  Rcvd: 5376 total, 0 checksum errors, 4695 no port
  Sent: 34910 total

PIMv2 statistics: Sent/Received
  Total: 0/0, 0 checksum errors, 0 format errors
  Registers: 0/0 (0 non-rp, 0 non-sm-group), Register Stops: 0/0,  Hellos: 0/0
  Join/Prunes: 0/0, Asserts: 0/0, grafts: 0/0
  Bootstraps: 0/0, Candidate_RP_Advertisements: 0/0
  Queue drops: 0
  State-Refresh: 0/0

IGMP statistics: Sent/Received
  Total: 0/0, Format errors: 0/0, Checksum errors: 0/0
  Host Queries: 0/0, Host Reports: 0/0, Host Leaves: 0/0
  DVMRP: 0/0, PIM: 0/0
  Queue drops: 0

UDP statistics:
  Rcvd: 6142 total, 0 checksum errors, 5990 no port
  Sent: 61 total, 0 forwarded broadcasts

OSPF statistics:
  Rcvd: 0 total, 0 checksum errors
        0 hello, 0 database desc, 0 link state req
        0 link state updates, 0 link state acks

  Sent: 0 total
        0 hello, 0 database desc, 0 link state req
        0 link state updates, 0 link state acks

ARP statistics:
  Rcvd: 7608 requests, 25 replies, 0 reverse, 0 other
  Sent: 37 requests, 2397 replies (17 proxy), 0 reverse
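
An added example, not part of the original thread: a parser for the two %FW-4-ALERT lines quoted above that reports which CBAC threshold each line is consistent with. The one-minute thresholds of 500 and 400 are assumptions (the IOS defaults of that era, since the posted config sets no ip inspect one-minute values), and the function names are hypothetical.

```python
import re

# Constructed sample input: the two alert lines quoted in the post above.
SAMPLE_LOG = """\
000060: Nov 10 13:00:10.614: %FW-4-ALERT_ON: getting aggressive, count (1/3000) current 1-min rate: 501
000061: Nov 10 13:00:25.998: %FW-4-ALERT_OFF: calming down, count (0/2500) current 1-min rate: 399
"""

# count (A/B): A = current half-open sessions, B = the max-incomplete
# threshold in effect (high for ALERT_ON, low for ALERT_OFF).
ALERT_RE = re.compile(
    r"%FW-4-ALERT_(?P<state>ON|OFF):.*?count \((?P<count>\d+)/(?P<limit>\d+)\)"
    r" current 1-min rate: (?P<rate>\d+)"
)


def parse_alerts(text):
    """Return one dict per CBAC aggressive-mode alert found in text."""
    events = []
    for line in text.splitlines():
        m = ALERT_RE.search(line)
        if m:
            events.append({
                "state": m["state"],
                "count": int(m["count"]),
                "limit": int(m["limit"]),
                "rate": int(m["rate"]),
            })
    return events


def explain(event, one_min_high=500, one_min_low=400):
    """Name the threshold(s) the alert is consistent with.

    one_min_high / one_min_low are ASSUMED values (not in the posted
    config); pass the configured ip inspect one-minute values if set.
    """
    reasons = []
    if event["state"] == "ON":
        if event["count"] > event["limit"]:
            reasons.append("max-incomplete high")
        if event["rate"] > one_min_high:
            reasons.append("one-minute high")
    else:
        if event["count"] < event["limit"]:
            reasons.append("max-incomplete low")
        if event["rate"] < one_min_low:
            reasons.append("one-minute low")
    return reasons
```

On the posted lines the ALERT_ON entry matches only the one-minute rate (501), not the half-open count (1 of 3000).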

argnetworking
Level 1

What type of email traffic are you getting? SMTP, POP3, IMAP?

What is the exact problem, and what error are you getting?

Did you try adding:

ip inspect name fw1 smtp

It is SMTP and I tried that command but no luck.
