Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Users might experience few discrepancies in Search results. We are working on this on our side. We apologize for the inconvenience it may have caused.
New Member

alow-tls

Hi, I have a PIX 515E and a Windows SMTP Server in a DMZ, and I need send to some customers encrypted emails using TLS. I read in a Cisco documentation that I need enable it if use inspect esmtp:

policy-map type inspect esmtp esmtp_tls_enable

parameters

allow-tls

!

policy-map global_policy

class inspection_default

inspect esmtp esmtp_tls_enable

Now, when I do it, TLS work fine and I can send encrypted email but for unknown reason I can't send o receive non encrypted emails from other customers.

We can help me with this issue?

Thanks,

1 ACCEPTED SOLUTION

Accepted Solutions
Silver

Re: alow-tls

I'm glad, could help you.

Regards,

Vibhor.

3 REPLIES
Silver

Re: alow-tls

I think the issue here is with the some EHLO parameter which is not supported by ASA. Try adding following commands-

policy-map type inspect esmtp esmtp_tls_enable

match ehlo-reply-parameter others

mask

Clear the mail server connections through ASA and check if mails work now.

How this helps.

Regards,

Vibhor.

New Member

Re: alow-tls

Hi Victor, thanks for your reply, I've done it and it work fine. Now I can send emails using TLS and regular emails.

The final configuration is:

policy-map type inspect esmtp esmtp_tls_enable

parameters

allow-tls

match ehlo-reply-parameter others

mask

!

policy-map global_policy

class inspection_default

inspect esmtp esmtp_tls_enable

Best regards,

Silver

Re: alow-tls

I'm glad, could help you.

Regards,

Vibhor.

140
Views
0
Helpful
3
Replies
CreatePlease to create content