It started when there were emails destined to this domain (only this domain) got stuck in the queue of our Exchange Server. I tried to telnet to port 25 to the mx record for that domain from our exchange server, which is behind firewall (cisco 515), and it failed. I can't telnet from anywhere behind firewall either. But I can telnet directly behind the router, bypassing the firewall. This problem is, this is intermitten. When I can start to telnet again (behind firewall), the mails in the queue will go thru.
I have disabled the smtp and dns fixup protocols at the firewall.
I also asked my friend to telnet from other countries, they've got no problem.
I'm pretty sure it lies within our firewall. I just don't know what else to check cause it only affects this one particular domain.
If anyone can tell me where else I have to check, it would be much appreciated.
You are able to telnet from Router1 but, not from the Test PC?
During the time of the problem when you are unable to telnet to port 25 from outside the firewall pls. do the following.
Make sure you are logging buffered to debug
logging buffered 7
sh logg | i x.x.x.x
where x.x.x.x is your source IP address.
You mentioned that you asked your friends to try from other countries. They try to telnet to your exchange server's (public) IP address on port 25 and they are able to at the same time it fails for you?
I thought of creating a temporary SMTP connector to route emails destined to the problematic domain to our ISP's SMTP server. The new SMTP connector worked and it started to forward emails in the queue. Once it's empty, and to my surprise, I could start telnet to that domain again. I waited for 2 days and it's still working. I then removed the SMTP connector, restart the MS Routing and SMTP services. It's still working until today.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :