Hello
I don't think I can really test it from inside as it will force a local connection and not a RPC over HTTP
Yes, it's an email server, Small Business Server. I'm able to access thru webmail on port 443.
Don't see any dropped packets only
This is the entire TCP conversation I can see in logs
6 Jul 13 2009 08:00:39 302014 66.205.148.233 HFS1 Teardown TCP connection 2871106 for outside:66.205.xxx.xxx/472
6 Jul 13 2009 08:00:39 302014 66.205.xxx.xxx HFS1 Teardown TCP connection 2871107 for outside:66.205.xxx.xxx/472
6 Jul 13 2009 08:00:39 302013 66.205.xxx.xxx HFS1 Built inbound TCP connection 2871107 for outside:66.205.xxx.xxx/472
6 Jul 13 2009 08:00:38 302013 66.205.xxx.xxx HFS1 Built inbound TCP connection 2871106 for outside:66.205.xxx.xxx/472
let me know if you have any other ideas
thank you so much
Main Topics
Browse All Topics





by: MikeKanePosted on 2009-07-10 at 11:16:42ID: 24825938
Step 1: Does this work from inside the network? Have you tested and is it successful?
/products/ hw/vpndevc /ps2030/ pr oducts_tec h_note0918 6a00808528 3d.shtml
Step 2: Is this an email server you are trying to get to? CAn you test the http port with a web page or something else?
Step 3: If the ASA is blocking anything at all, it would show in the logs. Use the ASDM, console, or a syslog server to view the logs and check for dropped packets etc...
Your ASA has an inspection policy that covers:
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
IF you still want to eliminate the inspection map you can disable it by using:
http://www.cisco.com/en/US
Similiar to 'no service-policy global_policy global'