Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ios firewall drop ms-exchange pkt

Hi,

Can anyone tell me what IP inspections really inspect?

I have 2 sites connected through site-to-site vpn. ACL allows ip packets going through both sites. But the application level firewall still inspect the packets and droppes smtp packets between 2 private network.

I've found some paper in ms support. Here is the link.

http://support.microsoft.com/kb/924237

Can anybody tell me how to configure the firewall to make exchange work between site-to-site vpn?

Thanks,

2 REPLIES
joe Bronze
Bronze

Re: ios firewall drop ms-exchange pkt

I have clients that have exchange server bridgeheads in different offices through cisco ios and asa ipsec tunnels.

Please post your configurations.

I suspect you have something in there we can clear up.

-Joe

New Member

Re: ios firewall drop ms-exchange pkt

Hi,

I've had similar problems in the past, both with CBAC in IOS and PIX software, that were caused by the SMTP inspection engine.

If you're just trying to route SMTP traffic through the VPN, try to deactivate the SMTP inspection as follows:

(config)# no ip inspect name XXXX smtp

where XXXX is the name of the inspection (CBAC) rules.

At least that worked for me. Hope it helps!

138
Views
0
Helpful
2
Replies