PIX Not Allowing SMTP from Outside Interface

Unanswered Question
Feb 3rd, 2008
User Badges:

Hello, all. Here's the scenario: PIX 501 provides firewall/VPN services to office with the web/mail server on the inside. Mail and web work fine on the local LAN, and web and POP/IMAP work fine on the outside, but SMTP does not. It appears that all outbound mail traffic coming through the outside interface is blocked, so outside of the office folks can receive mail just fine, but can't send.


My current config is attached.


Many thanks, in advance, for any suggestions you may have.




Attachment: 
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
fahad.sheikh Sun, 02/03/2008 - 12:14
User Badges:

On the outside interface of your firewall apply a access-list to permit traffic the public ip of the mail server on the SMTP port. This should resolve your problem.

auroratech@mac.com Sun, 02/03/2008 - 12:29
User Badges:

I believe I've already got that. From my posted config:


access-list outside-in permit tcp any host eq smtp

fahad.sheikh Sun, 02/03/2008 - 12:32
User Badges:

What do you mean by ? Is it the public IP of your mail server?

auroratech@mac.com Sun, 02/03/2008 - 12:41
User Badges:

Yes, it is the public IP address of the mail server, which is also the IP address of the outside interface of the PIX.

Actions

This Discussion