SMTP Telnet attempt returns 220 ***** over IPSEC tunnel
I've got a IPSEC tunnel between an ASA 5510 and a Sonicwall device. I'm trying to install a new Exchange server behind the sonic wall for internal mail routing. If I telnet within the sites, everything works fine, but when I try to telnet across the tunnel, I just get a 220 **************************** instead of the SMTP banner.
I've seen a lot of posts about turning off smtp fixup on a PIX, but we're currently not inspecting SMTP on the ASA, though we ARE inspecting ESMTP. Mail to the Internet through the ASA works without issue, and mail from the Internet to a pre-existing server behind the Sonicwall also works without issue, so it's definitely just a problem over this tunnel.
Re: SMTP Telnet attempt returns 220 ***** over IPSEC tunnel
So, it turns out the CLI on the ASA 5510 hides the fact that fixup really still does exist eventhough it tells you to use inspect. I ran a 'no fixup protocol smtp 25' just for grins, and wouldn't you know it... It took the command and fixed the problem. *sigh*
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...