Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
542
Views
0
Helpful
4
Replies

VPN and fixup protocol smtp 25

Go to solution
mark.johnson
Level 1
Level 1

‎10-12-2005 04:40 AM - edited ‎02-21-2020 02:02 PM

yet another VPN question..sorry!

I have a site-to-site VPN running between 2 515E's, everything's working great.....but I have to turn off the mail-guard feature on both PIX's if I want the 2 exchange servers to send email to one another.

is there anyway I can turn this feature back on and still allow the exchange servers to send email?

thanks

Labels:
0 Helpful
3 Accepted Solutions

Accepted Solutions

Go to solution
jackko
Level 7
Level 7

‎10-12-2005 05:02 AM

we've got several sites with mail-guard disabled, and so far there's no drama.

just wondering why would you like to enable it again.

View solution in original post

0 Helpful

Go to solution
pwicks
Level 1
Level 1

‎10-12-2005 05:30 AM

Upgrade your 515e's to Version 7 of the Pix software. This versrion of the software has inspections for Exchange's Extended Simple Mail Transport Protocol (ESMTP) communication.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_data_sheet0900aecd80225ae1.html

View solution in original post

0 Helpful

Go to solution
mgaysek
Level 1
Level 1
In response to jackko

‎10-12-2005 05:48 AM

We disabled mail guard here as well. It was done to allow some of the blocked commands to work, such as Auth and Starttls. Prior to disabling it, our systems guys ensured us they can restrict access to the mail commands on the server side. So far no issues. Unfortunately, if you need the additional commands the only way to get them is to disable mailguard.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
jackko
Level 7
Level 7

‎10-12-2005 05:02 AM

we've got several sites with mail-guard disabled, and so far there's no drama.

just wondering why would you like to enable it again.

0 Helpful

Go to solution
mgaysek
Level 1
Level 1
In response to jackko

‎10-12-2005 05:48 AM

We disabled mail guard here as well. It was done to allow some of the blocked commands to work, such as Auth and Starttls. Prior to disabling it, our systems guys ensured us they can restrict access to the mail commands on the server side. So far no issues. Unfortunately, if you need the additional commands the only way to get them is to disable mailguard.

0 Helpful

Go to solution
pwicks
Level 1
Level 1

‎10-12-2005 05:30 AM

Upgrade your 515e's to Version 7 of the Pix software. This versrion of the software has inspections for Exchange's Extended Simple Mail Transport Protocol (ESMTP) communication.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_data_sheet0900aecd80225ae1.html

0 Helpful

Go to solution
mark.johnson
Level 1
Level 1
In response to pwicks

‎10-13-2005 12:44 AM

thanks for the reply chap's

I thought I might be better if mailguard was turned on (added protection and wotnot)

I'm looking at upgrading to ver7 in the next couple of months.

again thanks for your help

--mark

0 Helpful
Customers Also Viewed These Support Documents