Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

SMTP PROBLEM

Dear all

i am a network administrator of a small comp.Today we have faced a strange Problem

                         Internet leased line------------  Router---- catalystswitch -----External Servers and IP devices

                                                                          |         |                                                  

                                                                          |         |                                                   

                                                                          |         |

                                                      Cyberoam UTM       |

                                                                          |         |

                                                                          |         |

                                        Lan internet and mail users     |

                                                                                     |

                                                                                ASA 5510

                                                                                      |

                                                                                      |

                                                                 Lan high end users and servers internet access

Every thing was working fine.But today I fond that our mail users are unable to send mail.They can receive mail, but unable to send.I checked that telnet mail.domainname.com 25 was not connecting from any of the lan users who have gateway as asa 55510 Ip or cyberoam IP.But when I telnet from a external server, it was working.No conf change was done recently.Some how both of my firewalls deny the smtp traffic.Can any body help me regarding that.

Please help me .If you want any more feedback plz let me know.

2 REPLIES
Cisco Employee

Re: SMTP PROBLEM

Hello,

If the ASA is blocking the traffic, you can check the syslogs to find out the reason. You can also use the packet-tracer command to see why the traffic would be dropped:

packet-tracer in inside tcp 12345 25

Interface and ASP drop captures on the ASA may also help you see why the connection is failing. Here is a guide that describes how to setup captures on the ASA:

https://supportforums.cisco.com/docs/DOC-1222

Hope that helps.

-Mike

New Member

Re: SMTP PROBLEM

As Mike has rightly pointed out, that you need to apply packet captures to actually check whether the traffic for port 25 is reaching the firewall itself from the internal LAN. If it is, the you need to apply captures on the external interface to check if it is leaving the firewall. Also, we could check if you firewall is inspecting smtp traffic and whether the inspection is causing issues. To check this, you can issue the command "sh run policy-map" and "sh service-policy". It would be good if you could attach those outputs to this string.

232
Views
0
Helpful
2
Replies
CreatePlease to create content