Exch server problem with ASA v7.2

Unanswered Question
Nov 15th, 2007
User Badges:

Hi All,

I'm willing to run the following scenario !!

I have two ASAs running v7.2 and connected in cascade; ASA-1 facing internet & ASA-2's outside interface connected to ASA-1's inside interface.

Also, I have FrontEnd Microsoft Exch and another BackEnd one, FrontEnd connected on DMZ-1 zone on ASA-1 and the Backend connected on Inside zone on ASA-2.

Requirements to have one public IP add. for mail server (eventually the FrontEnd server) and grant access for users from Internet to OWA (Web mail) on Backend server for the same public IP.

which means to allow SMTP traffic to FrontEnd and HTTPS to BackEnd.

I tried configuring the below two static translations but with no luck, ONLY OWA is working and Internal users can't send emails.

static (DMZ,outside) tcp 91.140.x.y smtp smtp netmask

static (inside,outside) tcp 91.140.x.y https https netmask

I noticed from the logging that the client sending email with random source port other than 25 and this is the caused the problem; this is my opinion.

What is the best visible way to overcome the problem !!


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion