ASA5510 SMTP TLS broken with packet inspection enabled

Unanswered Question
Sep 3rd, 2009

Hi all

Cisco ASA5510 running 8.0(4)32

It appears that with the esmtp packet inspection enabled, smtp with TLS packets will not go through the firewall. If esmtp packet inspection is disabled this works fine.

I have tried to allow TLS packets, but this does not work either.

    policy-map type inspect esmtp esmtp_map
     parameters
      allow-tls

According to Cisco TAC, ASA does not support TLS, and will not be supported any time soon.

Has anyone had any success with SMTP TLS? Can anyone recommend a work-around besides disabling inspection?

Any advice would be very appreciated, especially as our client has lost quite a bit of faith in our ability to secure their email services.
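
A way to confirm where STARTTLS is lost, as an added example that is not part of the original post: compare the EHLO reply taken directly from the mail server with the one a client sees through the firewall. The sample replies are constructed, and the assumption that an inspecting device overwrites the keyword with X characters is not stated on this page.

```python
import re

# Constructed sample EHLO replies (not captured from a real server).
DIRECT_REPLY = (
    "250-mail.example.test Hello\r\n"
    "250-SIZE 35882577\r\n"
    "250-8BITMIME\r\n"
    "250-STARTTLS\r\n"
    "250 HELP\r\n"
)
# Assumption: an inspecting device overwrites keywords it does not pass
# with a run of X characters, so the client never sees STARTTLS.
INSPECTED_REPLY = (
    "250-mail.example.test Hello\r\n"
    "250-SIZE 35882577\r\n"
    "250-8BITMIME\r\n"
    "250-XXXXXXXX\r\n"
    "250 HELP\r\n"
)

_LINE = re.compile(r"^250([- ])(.*)$")

def parse_ehlo(reply):
    """Return the list of extension keywords in a multi-line 250 reply."""
    keywords = []
    lines = reply.splitlines()
    for index, raw in enumerate(lines):
        match = _LINE.match(raw.strip())
        if not match:
            raise ValueError(f"not a 250 reply line: {raw!r}")
        separator, text = match.groups()
        if index > 0 and text:          # first line is the greeting, skip it
            keywords.append(text.split()[0].upper())
        if separator == " ":            # "250 " marks the final line
            break
    return keywords

def starttls_status(direct_reply, inspected_reply):
    """Compare the server's own EHLO reply with the one seen through the firewall."""
    direct = parse_ehlo(direct_reply)
    seen = parse_ehlo(inspected_reply)
    masked = [k for k in seen if re.fullmatch(r"X+", k)]
    if "STARTTLS" not in direct:
        return "server does not offer STARTTLS"
    if "STARTTLS" in seen:
        return "STARTTLS passes through"
    if masked:
        return "STARTTLS masked in transit"
    return "STARTTLS stripped in transit"
```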

