Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

pix possible problem - not allowing smtp authentication

Pix 7.2.0 doesn't have "inspect esmtp" line added. But, authentication when sending a mail from wan doesn't work (mail server is in DMZ). When you try it from LAN - it works without problems.

Is it possible that pix block smtp authentication from WAN to DMZ, although there is no "inspect ESMTP" ?

2 REPLIES
Bronze

Re: pix possible problem - not allowing smtp authentication

Hello,

Without the 'inspect esmtp' line there is no (e)smtp protocol checking - there would be no reason the pix would drop the smtp for protocol reasons.

I would check your lan configuration to make sure that you don't have access-list issues - normally "inside' flows to the DMZ are allowed by default because of the security levels, but WAN to DMZ (assuming WAN had a lower security level than the DMZ) would not.

--Jason

Please rate this message if it helped resolve some or all of your issue.

New Member

Re: pix possible problem - not allowing smtp authentication

Thanks for your answer.

I found out that ISP provider installed another firewall between WAN and our LAN. This is a kind of additional security for their key users. Guess what, their support told me "inspect esmtp is *on* by default".

Some security!!

94
Views
4
Helpful
2
Replies