ms outlook failed to connect to mail server from dmz interface on ASA 5520
My device has 3 interfaces configured: inside, outside, DMZ. Right now I can access the Mail server from the Internet using domain name which is on DMZ interface. The issue here is when users they need to configure their Ms Outlook for Incoming mail server & outgoing mail server FQDM e.g (mail.test.com) the ms outlook failed to connect , but when using its internal IP address 10.10.1.5 which is Mail server IP address its working fine. Are there any special statements I need to add to the ASA such as nat or ACLs to make this work? My LAN is 192.168.1.0/24 and DMZ is 10.10.1.0/24. And My Mail server IP address is 10.10.1.5/24
As I understand you mail server is located in DMZ, and users are trying to connect to that via inside interface of ASA? DNS itself is configured to resolve DMZ IP address of the server back to Internal network (which is connected to inside interface of ASA)? What configuration you has on both interfaces? Is there any ACL applied? Do you have a routing between that interfaces?
So you can see that is is not 10.10.1.5 that should be. IP 220.127.116.11 is configured on your server? What will be if you will try to put it as an IP address in MS Outlook registration process? Are you able to access this IP via inside interface?
It seems that you need to create an ACL allowing mail traffic between DMZ and inside interface.
As far as I know or think, the DNS Server has problem within LAN, their might be a problem with its configuration , their must be a Domain Server within this LAN(DMZ) interface, you need to check if DNS Server is properly running on it or not.
This document gives several answers on frequently asked questions for PFRv3 channel state behavior.
Q1: What are all the channel operational states from a BR (border role) perspective and what are the rules/conditions to be in each st...
The need was to reach an host inside a LAN through a VPN connection managed by the LAN gateway (Cisco 1921).
The LAN gateway performs NAT and there was a dedicate nat rule for the host i wanted to reach through VPN.
I couldn't connect to the hos...
We have 3 identical switches configured by someone else and would like to claim some of the Gigabit ports(G1/G2/G3/G4) for use on servers. When we try to change the wiring and configuration, we run in to connectivity issues. Attached is a des...