10-27-2008 08:51 PM - edited 03-04-2019 12:05 AM
Hi,
I have a new Barracuda Spam firewall to deploy. On the border router I configured all incoming SMTP traffic from the T1 circuit to forwarded to Barracuda appliance and from there it is relayed to Checkpoint Firewall which is NAT to our internal Exchange 2003 server.
Problem:
1. From the router I can ping Barracuda.
2. On the router I see access-list 180 counter increasing.
3. On the Barracuda I can ping 4.2.2.2.
4. On the Barracuda, I don't see any incoming SMTP traffic at all. I'm not sure what the problem is...?
Please read the my attached graph..
Router config:
S0/0 :
ip policy route-map SMTP_MAP
access-list 180 permit tcp any host 48.123.21.15 eq smtp
route-map SMTP_MAP permit 80
match ip address 180
set ip next-hop 48.123.21.16
set interface FastEthernet0/0
10-27-2008 09:40 PM
Hi,
What chassis is this and what Software Version are you running?
Is it possible for you to remove this statement "set interface FastEthernet0/0" from your route-map and do the testing again.
The reason I am asking to do the testing by removing the above command is, to verify whether the "set interface" is taking precedence over the "set ip next-hop". I hope it makes sense.
Regards,
Arul
* Pls rate if it helps*
10-28-2008 08:28 AM
The Fa0/0 interface of your router has a /28 mask which does not include the IP address of the Barracuda (48.123.21.16). If this is a flat network, your router will fail to forward the SMTP traffic to the Barracuda, whilst you still would see the match in the access list. It could be you have a simple connectivity issue due to an addressing problem. I would suggest to test with a /27 mask. The rest of your setup looks fine.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide