I realize that the inside and outside IP's are both private IP's, but this is just for testing my configuration. I still cannot Telnet to the smtp port of the outside interface and get a response. Please help as I thought it should be a very simple process.
The config looks ok. I wonder why the fixup for SMTP is disabled. You should have it run or leave it turn-on by default (fixup protocol smtp 25). In production network, fixup protects your SMTP server from unnecessary SMTP command/access violation.
To eliminate SMTP issue, try to isolate it by runnin gother services like FTP or WWW on the same SMTP server. Open access to it by adding FTP or WWW in your existing ACL, and perhaps add/allow ICMP (ping) as well. It might be not firewall, but the SMTP server/services. If these services are through/successful, you may need to look at the SMTP services. But pls try to isolate it with the test (and enable the fixup protocol smtp).
access-list outside_access_in permit tcp any host 172.17.2.61 eq ftp
access-list outside_access_in permit tcp any host 172.17.2.61 eq www
access-list outside_access_in permit icmp any any ---------> just allow ICMP to pass from any to any in your test environment
One other mention, I CAN Telnet to 172.20.1.202 25 from the inside network (LAN) from another workstation. Also, I have tried this config on two different PIX firewalls to eliminate a possible firmware issue.
Well, I tried the telnet to smtp from 2 different pc's on the Outside network and viola, It works! It appears that there is an issue with the workstation that I was testing from that will not allow it to telnet to any smtp server. Imagine that. I guess that is a Windows forum question. :)
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...