ASA 5505 SMTP problem

Unanswered Question

Hi, I have recently purchased an ASA 5505 v7.2(2), and have been unable to send SMTP through it. The effect of the problem seems similar to other postings I've read, where disabling fixup/inspect esmtp resolves the problem. I've done this, but to no avail. When sending mail (using NAT) the ASA appears to hijack the session, and firstly block the SMTP banner, before issuing 'quit'

e.g.

Fri 2007-07-27 10:44:24: Waiting for protocol to start...

Fri 2007-07-27 10:44:24: <-- 220-*********************************************************************

Fri 2007-07-27 10:44:24: <-- *****************************************************************

Fri 2007-07-27 10:44:24: --> QUIT


If I telnet to port 25 through the ASA and issue the SMTP commands myself, it seems to work fine even though the banner is blanked out by stars (so I'm not sure if this points to the problem being something else) however I do occasionally get 'I don't understand that?' answers from our SMTP server, when I know I've issued the correct command.


I have raised this with the re-seller, however they have advised that it is a hardware problem, and that we should replace the ASA. I don't believe that this is the case, has anybody experianced similar problems, or is able to offer any advice?


Many thanks.

Richard

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
anandramapathy Sat, 09/01/2007 - 00:35
User Badges:
  • Bronze, 100 points or more

We have the same version running but do not have any issues.


Does your PAT server IP have a reverse Lookup DNS Record ?


bob.bartlett Sat, 09/01/2007 - 07:26
User Badges:

1. Can you post your configuration of the ASA on here?

2. Can you try to telnet to your Mail server from the outside and post your responses?


Make sure you protect your passwords and other critical information.

Hi Bob,


Thanks for the reply. I've attached a show config as well as a test smtp session. These sometimes wrok fine, and sometimes connectivity sppears to be lost as in the case attached.


The last response logged on the mail server was 'sender ok'. the mail server appears to have not received the rest of the session data.



Thanks,

Richard




Attachment: 
mattiaseriksson Mon, 09/03/2007 - 07:50
User Badges:
  • Bronze, 100 points or more

Is the problem affecting both inbound and outbound traffic?


To mee it looks like some kind of hardware problem. You can check the logfile on the ASA and interface error counters for clues. Verify host and ASA switchport configurations and statistics.

Actions

This Discussion