Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
409
Views
4
Helpful
2
Replies

pix possible problem - not allowing smtp authentication

sysco-zgb
Level 1
Level 1

‎11-01-2006 01:26 AM - edited ‎02-21-2020 10:17 AM

Pix 7.2.0 doesn't have "inspect esmtp" line added. But, authentication when sending a mail from wan doesn't work (mail server is in DMZ). When you try it from LAN - it works without problems.

Is it possible that pix block smtp authentication from WAN to DMZ, although there is no "inspect ESMTP" ?

Labels:
0 Helpful
2 Replies 2

jgervia_2
Level 1
Level 1

‎11-01-2006 02:31 AM

Hello,

Without the 'inspect esmtp' line there is no (e)smtp protocol checking - there would be no reason the pix would drop the smtp for protocol reasons.

I would check your lan configuration to make sure that you don't have access-list issues - normally "inside' flows to the DMZ are allowed by default because of the security levels, but WAN to DMZ (assuming WAN had a lower security level than the DMZ) would not.

--Jason

Please rate this message if it helped resolve some or all of your issue.

sysco-zgb
Level 1
Level 1
In response to jgervia_2

‎11-01-2006 01:45 PM

Thanks for your answer.

I found out that ISP provider installed another firewall between WAN and our LAN. This is a kind of additional security for their key users. Guess what, their support told me "inspect esmtp is *on* by default".

Some security!!

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents