08-07-2008 07:33 PM - edited 03-11-2019 06:28 AM
Hi,
Can anyone tell me what IP inspections really inspect?
I have 2 sites connected through site-to-site vpn. ACL allows ip packets going through both sites. But the application level firewall still inspect the packets and droppes smtp packets between 2 private network.
I've found some paper in ms support. Here is the link.
http://support.microsoft.com/kb/924237
Can anybody tell me how to configure the firewall to make exchange work between site-to-site vpn?
Thanks,
08-07-2008 09:04 PM
I have clients that have exchange server bridgeheads in different offices through cisco ios and asa ipsec tunnels.
Please post your configurations.
I suspect you have something in there we can clear up.
-Joe
08-11-2008 07:34 AM
Hi,
I've had similar problems in the past, both with CBAC in IOS and PIX software, that were caused by the SMTP inspection engine.
If you're just trying to route SMTP traffic through the VPN, try to deactivate the SMTP inspection as follows:
(config)# no ip inspect name XXXX smtp
where XXXX is the name of the inspection (CBAC) rules.
At least that worked for me. Hope it helps!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide