07.08.2008 at 02:53PM PDT, ID: 23548460

Internet Mail is queuing on Windows 2003 SMTP server

Asked by thombie in Exchange Email Server, Cisco PIX Firewall

I have an Exchange system that has been working well for the past 1 year.
Since I rebooted my firewall, Internet mail is queuing on my Windows SMTP server in my DMZ. Messages are taking hours to go through. Can anybody help?
I am using a PIX Firewall 515E. I have checked with my ISP and DNS has not changed.
In my logs I get this:
6 Jul 08 2008 22:28:12 106015 172.16.1.2 10.40.226.31 Deny TCP (no connection) from 172.16.1.2/3534 to 10.40.226.31/25 flags ACK on interface dmz

Below is my Firewall running config
:
PIX Version 7.2(1)
!
hostname cdnfw1
domain-name sample.com
enable password 8Ry2YjIyt7RRXU24 encrypted
names
name 83.x.x.x cdnportal description Internet router
name 172.16.1.1 dmz description DMZ  Interface
name 83.x.x.131 outside description Outside Interface
name 10.132.98.6 inside description  INSIDE
!
interface Ethernet0
 description External Network
 speed 100
 duplex full
 nameif outside
 security-level 0
 ip address outside 255.255.255.240
!
interface Ethernet1
 description Internal Network
 speed 100
 duplex full
 nameif inside
 security-level 100
 ip address inside 255.255.255.252
!
interface Ethernet2
 description DMZ VLAN
 speed 100
 duplex full
 nameif dmz
 security-level 50
 ip address dmz 255.255.255.0
!
interface Ethernet3
 shutdown
 no nameif
 no security-level
 no ip address
!
interface Ethernet4
 shutdown
 no nameif
 no security-level
 no ip address
!
interface Ethernet5
 shutdown
 no nameif
 no security-level
 no ip address
!
passwd 2KFQnbNIdI.2KYOU encrypted
ftp mode passive
clock timezone GMT/BST 0
clock summer-time GMT/BDT recurring last Sun Mar 1:00 last Sun Oct 2:00
dns server-group DefaultDNS
 domain-name sampleconsulting.co.uk
object-group network VPN_Range
 description VPN_Range
 network-object 192.168.168.0 255.255.255.0
object-group network DMZ_Web_SERVER
 description DMZ web_SERVR
 network-object host 172.16.1.2
 network-object host 172.16.1.3
object-group network Internal_DNS_SERVERS
 description Internal DNS SERVERS
 network-object host 10.40.225.20
 network-object host 10.40.226.20
object-group network MAIl_Servers
 description E-mail_Servers
 network-object host 10.40.226.31
 network-object host 10.40.225.30
 network-object host 10.40.226.35
object-group service EMAIL_services tcp
 description E-mail_services
 port-object eq smtp
 port-object eq imap4
 port-object eq pop3
 port-object range https https
object-group service Web_services tcp
 description Web_services
 port-object eq https
 port-object eq www
 port-object range 81 81
object-group service DNS_ports udp
 description DNS_ports_UDP
 port-object range 1036 1043
 port-object eq kerberos
object-group network DMZ_DNS
 description DMZ_DNS
 network-object host 10.40.225.20
 network-object host 10.40.226.20
object-group network OWA_GROUP
 description OWA_GROUP
 network-object host 172.16.1.3
object-group service DMZ_Active_directory tcp
 description DMZ_Active_directory
 port-object range 3268 3268
 port-object range ldap ldap
 port-object range 691 691
 port-object range 88 88
object-group service DNS_services_TCP tcp
 description DNS_services_TCP
 port-object range 135 135
 port-object eq domain
 port-object range domain 83
 port-object eq kerberos
object-group service RPC_Group tcp
 description RPC_Group
 port-object range 1024 65535
object-group network PBX_Servers
 description PBX_Servers
 network-object host 193.148.0.35
 network-object host 213.208.115.115
object-group service PBX_ports_tcp tcp
 description PBX_ports_tcp
 port-object eq ssh
 port-object range https https
access-list inside_access_in extended permit tcp any any eq www log
access-list inside_access_in extended permit icmp any any log
access-list outside_access_in extended permit tcp any any log
access-list outside_access_in extended permit tcp any any eq smtp
access-list outside_access_in extended permit tcp any host 83.x.x.142 log
access-list outside_access_in extended permit icmp any host 83.x.x.142 echo log
access-list outside_access_in extended permit tcp any eq smtp host 83.x.x.142 eq smtp log
access-list outside_access_in extended permit icmp host cdnportal host 83.x.x.142
access-list outside_access_in extended permit icmp host cdnportal host 83.217.x.x.132 redirect
access-list outside_access_in extended permit tcp any object-group EMAIL_services host 83.x.x.142 log
access-list outside_access_in extended permit tcp any any object-group Web_services log
access-list outside_access_in extended permit udp any any log
access-list outside_access_in extended permit tcp any host 10.40.225.30 eq https log
access-list outside_access_in extended permit udp object-group DMZ_DNS any eq domain log
access-list inside_access_out extended permit icmp any any log
access-list inside_access_out extended permit ip any any log
access-list outside_cryptomap extended permit icmp any any log
access-list outside_cryptomap extended permit ip any any log
access-list outside_cryptomap extended permit tcp any any log
access-list inside_access_in_1 remark Vpn out
access-list inside_access_in_1 extended permit tcp 10.0.0.0 255.0.0.0 any eq pptp log
access-list inside_access_in_1 extended permit tcp 10.0.0.0 255.0.0.0 any eq 8080 log
access-list inside_access_in_1 remark RDP
access-list inside_access_in_1 extended permit tcp 10.0.0.0 255.0.0.0 any eq 3389 log
access-list inside_access_in_1 extended permit tcp 10.0.0.0 255.0.0.0 any eq telnet log
access-list inside_access_in_1 extended permit tcp 10.0.0.0 255.0.0.0 any eq ssh log
access-list inside_access_in_1 remark playtstion
access-list inside_access_in_1 extended permit tcp host 10.132.16.206 eq 52906 any eq 5223
access-list inside_access_in_1 extended permit tcp host 10.132.16.206 eq 52910 any eq 5223
access-list inside_access_in_1 extended permit tcp any host 217.154.239.106 eq 4125 log
access-list inside_access_in_1 extended permit tcp any host 85.13.219.66 eq 2095
access-list inside_access_in_1 extended permit tcp any eq 57741 host 85.13.219.66 eq 2095 log
access-list inside_access_in_1 extended permit tcp 10.0.0.0 255.0.0.0 any eq ftp log
access-list inside_access_in_1 remark Blackberry Service port
access-list inside_access_in_1 extended permit tcp host 10.40.225.30 any eq 3101 log
access-list inside_access_in_1 extended permit tcp host 10.40.226.31 host 172.16.1.2 eq smtp log
access-list inside_access_in_1 extended permit icmp any any log
access-list inside_access_in_1 extended permit ip 10.0.0.0 255.0.0.0 host 172.16.1.2 log
access-list inside_access_in_1 extended permit tcp 10.0.0.0 255.0.0.0 any object-group Web_services log
access-list inside_access_in_1 extended permit udp 10.0.0.0 255.0.0.0 any log
access-list inside_access_in_1 extended permit tcp 10.0.0.0 255.0.0.0 host 172.16.1.2 log
access-list inside_access_in_1 extended permit tcp 10.0.0.0 255.0.0.0 host 172.16.1.3 log
access-list inside_access_in_1 extended permit tcp 10.0.0.0 255.0.0.0 any object-group EMAIL_services log
access-list inside_access_in_1 extended permit tcp 10.0.0.0 255.0.0.0 host 172.16.1.2 object-group EMAIL_services log
access-list inside_access_in_1 extended permit tcp object-group DMZ_Web_SERVER any object-group Web_services log
access-list inside_access_in_1 extended permit tcp 10.0.0.0 255.0.0.0 any eq 5900 log
access-list inside_access_in_1 extended permit tcp 10.0.0.0 255.0.0.0 any log
access-list dmz_access_in extended permit tcp host 172.16.1.2 eq smtp any eq 14785 log
access-list dmz_access_in extended permit tcp host 172.16.1.2 host 217.150.98.3 eq domain
access-list dmz_access_in extended permit tcp host 172.16.1.2 eq smtp host 10.40.226.31
access-list dmz_access_in extended permit udp host 172.16.1.2 host 66.9.50.197 eq domain
access-list dmz_access_in remark Radius For OWA
access-list dmz_access_in extended permit udp host 172.16.1.3 host 10.40.226.30 eq 1812 log
access-list dmz_access_in extended permit udp host 172.16.1.3 eq 1060 host 10.40.226.30 eq 1812 log
access-list dmz_access_in extended permit icmp any host 83.x.x.142 echo log
access-list dmz_access_in extended permit icmp object-group OWA_GROUP object-group DMZ_DNS echo log
access-list dmz_access_in extended permit tcp object-group OWA_GROUP object-group DMZ_DNS eq ldap log
access-list dmz_access_in extended permit tcp object-group DMZ_Web_SERVER any eq smtp
access-list dmz_access_in extended permit icmp host 172.16.1.2 host 10.40.225.20 unreachable log
access-list dmz_access_in extended permit udp object-group DMZ_Web_SERVER object-group Internal_DNS_SERVERS eq domain log
access-list dmz_access_in extended permit tcp object-group DMZ_Web_SERVER any eq www log
access-list dmz_access_in extended permit tcp object-group DMZ_DNS object-group DMZ_Active_directory object-group OWA_GROUP object-group DMZ_Active_directory log
access-list dmz_access_in extended permit tcp object-group DMZ_Web_SERVER host 83.x.x.142 eq smtp log
access-list dmz_access_in extended permit udp object-group DMZ_Web_SERVER host 217.150.98.3 eq domain log
access-list dmz_access_in extended permit icmp object-group DMZ_Web_SERVER object-group MAIl_Servers echo
access-list dmz_access_in extended permit tcp object-group DMZ_Web_SERVER object-group MAIl_Servers object-group EMAIL_services log
access-list dmz_access_in extended permit udp object-group DMZ_DNS object-group DNS_ports object-group OWA_GROUP object-group DNS_ports log
access-list dmz_access_in extended permit tcp any host 83.x.x.142 log
access-list dmz_access_in extended permit udp any host 172.16.1.3 log
access-list dmz_access_in extended permit tcp any eq smtp host 83.x.x.142 log
access-list inside_cryptomap extended permit udp any any log
access-list outside_access_out extended permit udp host 172.16.1.2 eq 1103 host 66.9.50.197 eq domain
access-list outside_access_out extended permit udp any host 66.9.50.197 eq domain
access-list outside_access_out extended permit udp host 10.40.225.20 any eq domain log
access-list outside_access_out extended permit udp host 172.16.1.2 host 66.9.50.197 eq domain log
access-list outside_access_out extended permit icmp 10.0.0.0 255.0.0.0 any echo log
access-list outside_access_out extended permit udp any host 217.150.98.3 eq domain log
access-list outside_access_out extended permit udp host 10.40.226.20 eq 3537 host 66.9.50.197 eq domain log
access-list outside_access_out extended permit udp host 10.40.225.20 host 66.9.50.197 eq domain log
access-list outside_access_out extended permit udp host 10.40.225.20 host 217.150.98.3 eq domain log
access-list outside_access_out extended permit udp host 172.16.1.2 any eq domain
access-list outside_access_out extended permit icmp any host 83.x.x.142 echo
access-list outside_access_out extended permit icmp any host 83.x.x.141 echo
access-list outside_access_out extended permit icmp host 10.132.16.202 host 83.x.x.141 echo log
access-list outside_access_out extended permit tcp any any object-group Web_services log
access-list outside_access_out extended permit tcp any any log
access-list outside_access_out extended permit tcp any host 10.40.225.30 object-group Web_services log
access-list outside_access_out extended permit tcp any any eq www log
access-list inside_nat0_outbound extended permit ip 10.0.0.0 255.0.0.0 192.168.168.0 255.255.255.0
access-list inside_nat0_outbound extended permit tcp 10.0.0.0 255.0.0.0 192.168.168.0 255.255.255.0 log
access-list inside_nat0_outbound extended permit icmp 10.0.0.0 255.0.0.0 192.168.168.0 255.255.255.0 echo-reply log
access-list inside_nat0_outbound extended permit udp 10.0.0.0 255.0.0.0 192.168.168.0 255.255.255.0 log
access-list outside_nat0_outbound extended permit ip 192.168.168.0 255.255.255.0 10.0.0.0 255.0.0.0
access-list outside_nat0_outbound extended permit tcp 192.168.168.0 255.255.255.0 10.0.0.0 255.0.0.0 log
access-list outside_nat0_outbound extended permit icmp 192.168.168.0 255.255.255.0 10.0.0.0 255.0.0.0 log
access-list outside_nat0_outbound extended permit tcp 192.168.168.0 255.255.255.0 10.0.0.0 255.0.0.0 eq www log
access-list outside_nat0_outbound extended permit udp 192.168.168.0 255.255.255.0 10.0.0.0 255.0.0.0 log
access-list VPN_tunnel standard permit 10.0.0.0 255.0.0.0
access-list VPN_tunnel standard permit 172.16.1.0 255.255.255.0
access-list outside_cryptomap_1 extended permit ip any 192.168.168.0 255.255.255.192
access-list inside_nat0_outbound_1 extended permit ip 10.0.0.0 255.0.0.0 192.168.168.0 255.255.255.0
access-list inside_nat0_outbound_1 extended permit tcp 10.0.0.0 255.0.0.0 172.16.1.0 255.255.255.0 object-group EMAIL_services log
access-list inside_nat0_outbound_1 extended permit udp 10.0.0.0 255.0.0.0 172.16.1.0 255.255.255.0 log
access-list inside_nat0_outbound_1 extended permit ip 10.0.0.0 255.0.0.0 host 86.54.230.253
access-list inside_nat0_outbound_1 extended permit ip 192.168.1.0 255.255.255.0 10.0.0.0 255.0.0.0
access-list inside_nat0_outbound_1 extended permit ip 10.0.0.0 255.0.0.0 192.168.1.0 255.255.255.0
access-list inside_nat0_outbound_1 extended permit tcp 10.0.0.0 255.0.0.0 any log
access-list dmz_nat0_outbound extended permit ip 172.16.1.0 255.255.255.0 192.168.168.0 255.255.255.0
access-list inside_access_out_1 extended permit icmp host 172.16.1.2 host 10.40.226.31 echo log
access-list inside_access_out_1 extended permit icmp any host 10.40.225.30 echo log
access-list inside_access_out_1 extended permit udp any host 10.40.226.30 eq 1812 log
access-list inside_access_out_1 extended permit udp host 172.16.1.3 eq 1095 host 10.40.226.30 eq 1812 log
access-list inside_access_out_1 extended permit udp host 172.16.1.3 eq 1064 host 10.40.226.30 eq 1812 log
access-list inside_access_out_1 extended permit udp host 172.16.1.3 eq 1065 host 10.40.226.30 eq 1812 log
access-list inside_access_out_1 extended permit udp host 172.16.1.3 eq 1066 host 10.40.226.30 eq 1812 log
access-list inside_access_out_1 extended permit udp host 172.16.1.3 eq 1061 host 10.40.226.30 eq 1812
access-list inside_access_out_1 extended permit udp host 172.16.1.3 eq 1062 host 10.40.226.30 eq 1812
access-list inside_access_out_1 extended permit icmp any host 83.217.117.132 redirect log
access-list inside_access_out_1 extended permit tcp object-group OWA_GROUP object-group DMZ_DNS eq ldap log
access-list inside_access_out_1 extended permit udp object-group OWA_GROUP object-group DMZ_DNS eq domain log
access-list inside_access_out_1 extended permit icmp host cdnportal host 83.217.117.132 redirect
access-list inside_access_out_1 extended permit udp host 172.16.1.2 object-group Internal_DNS_SERVERS eq domain log
access-list inside_access_out_1 extended permit tcp host 172.16.1.2 object-group EMAIL_services host 10.40.226.31
access-list inside_access_out_1 extended permit tcp object-group DMZ_Web_SERVER object-group MAIl_Servers eq smtp log
access-list inside_access_out_1 extended permit udp object-group DMZ_Web_SERVER object-group MAIl_Servers eq domain log
access-list inside_access_out_1 extended permit tcp object-group MAIl_Servers object-group RPC_Group object-group OWA_GROUP object-group RPC_Group log
access-list inside_access_out_1 extended permit udp host 172.16.1.3 host 10.40.225.30
access-list inside_access_out_1 extended permit tcp host 172.16.1.3 host 10.40.225.30 log
access-list inside_access_out_1 remark Blackberry out
access-list inside_access_out_1 extended permit tcp 10.0.0.0 255.0.0.0 eq 3101 any
access-list inside_access_out_1 extended permit tcp any any eq ssh log
access-list dmz_access_out extended permit tcp host 10.40.226.31 host 172.16.1.2 eq telnet log
access-list dmz_access_out extended permit tcp 10.0.0.0 255.0.0.0 any eq 3389 log
access-list dmz_access_out extended permit tcp host 10.132.16.203 host 172.16.1.2 eq 3389 log
access-list dmz_access_out remark Http to Mailgateway
access-list dmz_access_out extended permit tcp 10.0.0.0 255.0.0.0 host 172.16.1.2 eq www log
access-list dmz_access_out extended permit icmp any host 172.16.1.3 echo log
access-list dmz_access_out extended permit tcp any host 172.16.1.3 eq 3389
access-list dmz_access_out remark In Bound Mail rule (important)
access-list dmz_access_out extended permit tcp any host 172.16.1.2 eq smtp log
access-list dmz_access_out extended permit icmp any host 83.x.x.142 echo log
access-list dmz_access_out extended permit tcp host 10.40.226.31 host 172.16.1.2 eq smtp log
access-list dmz_access_out extended permit icmp 10.0.0.0 255.0.0.0 host 172.16.1.2 log
access-list dmz_access_out extended permit tcp host 10.40.226.31 eq smtp host 172.16.1.2 log
access-list dmz_access_out remark inbound Web access to ISA  web server
access-list dmz_access_out extended permit tcp any host 172.16.1.3 eq https log
access-list outside_20_cryptomap extended permit ip 10.0.0.0 255.0.0.0 host 86.54.230.253
access-list outside_40_cryptomap extended permit tcp any any eq domain log
access-list outside_40_cryptomap extended permit ip 192.168.1.0 255.255.255.0 10.0.0.0 255.0.0.0
access-list outside_60_cryptomap extended permit ip 10.0.0.0 255.0.0.0 192.168.1.0 255.255.255.0
access-list inside_nat0_outbound_2 extended permit ip 10.40.225.0 255.255.255.0 192.168.168.0 255.255.255.0
access-list inside_nat0_outbound_2 extended permit ip 10.40.226.0 255.255.255.0 192.168.168.0 255.255.255.0
access-list inside_nat0_outbound_2 extended permit ip 10.40.132.0 255.255.255.0 192.168.168.0 255.255.255.0
access-list inside_nat0_outbound_2 extended permit ip 10.40.226.0 255.255.255.0 172.16.1.0 255.255.255.0
access-list inside_nat0_outbound_2 extended permit ip 10.40.225.0 255.255.255.0 172.16.1.0 255.255.255.0
access-list inside_nat0_outbound_2 extended permit ip 10.132.0.0 255.255.0.0 172.16.1.0 255.255.255.0
pager lines 24
logging enable
logging console errors
logging asdm informational
logging mail informational
logging debug-trace
mtu outside 1500
mtu inside 1500
mtu dmz 1500
ip local pool VPN_IP_POOL 192.168.168.10-192.168.168.50 mask 255.255.255.0
ip verify reverse-path interface outside
ip verify reverse-path interface inside
ip verify reverse-path interface dmz
no failover
monitor-interface outside
monitor-interface inside
monitor-interface dmz
asdm image flash:/asdm-521.bin
no asdm history enable
arp timeout 14400
nat-control
global (outside) 2 83.x.x.x-83.x.x.x netmask 255.0.0.0
global (outside) 1 83.x.x.132 netmask 255.0.0.0
global (outside) 200 interface
global (inside) 1 interface
nat (outside) 1 192.168.168.0 255.255.255.0
nat (inside) 0 access-list inside_nat0_outbound_2
nat (inside) 200 10.40.225.0 255.255.255.0
nat (inside) 200 10.40.226.0 255.255.255.0
nat (inside) 200 10.132.0.0 255.255.0.0
nat (dmz) 0 access-list dmz_nat0_outbound
static (dmz,outside) 83.x.x.142 172.16.1.2 netmask 255.255.255.255
static (dmz,outside) 83.x.x.141 172.16.1.3 netmask 255.255.255.255
access-group outside_access_in in interface outside
access-group outside_access_out out interface outside
access-group inside_access_in_1 in interface inside
access-group inside_access_out_1 out interface inside
access-group dmz_access_in in interface dmz
access-group dmz_access_out out interface dmz
route outside 0.0.0.0 0.0.0.0 cdnportal 1
route inside 10.0.0.0 255.0.0.0 inside 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
group-policy DefaultRAGroup internal
group-policy DefaultRAGroup attributes
 wins-server value 10.40.225.20 10.40.226.20
 dns-server value 10.40.225.20 10.40.226.20
 vpn-tunnel-protocol IPSec
 default-domain value services.sampleconsulting.co.uk
group-policy sample_VPN internal
group-policy sample_VPN attributes
 wins-server value 10.40.225.20 10.40.226.20
 dns-server value 10.40.225.20 10.40.226.20
 vpn-tunnel-protocol IPSec
 default-domain value services.sampleconsulting.co.uk
group-policy DfltGrpPolicy attributes
 banner value You Logged to  sample Consulting Secure VPN
 wins-server none
 dns-server none
 dhcp-network-scope none
 vpn-access-hours none
 vpn-simultaneous-logins 3
 vpn-idle-timeout 30
 vpn-session-timeout none
 vpn-filter none
 vpn-tunnel-protocol IPSec
 password-storage disable
 ip-comp disable
 re-xauth disable
 group-lock none
 pfs disable
 ipsec-udp enable
 ipsec-udp-port 10000
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value VPN_tunnel
 default-domain value services.sampleconsulting.co.uk
 split-dns none
 intercept-dhcp 255.255.255.255 disable
 secure-unit-authentication disable
 user-authentication disable
 user-authentication-idle-timeout 30
 ip-phone-bypass disable
 leap-bypass disable
 nem disable
 backup-servers keep-client-config
 msie-proxy server none
 msie-proxy method no-modify
 msie-proxy except-list none
 msie-proxy local-bypass disable
 nac disable
 nac-sq-period 300
 nac-reval-period 36000
 nac-default-acl none
 address-pools value VPN_IP_pool
 client-firewall none
 client-access-rule none
http server enable
http 10.132.16.201 255.255.255.255 inside
http 10.0.0.7 255.255.255.255 inside
http 10.0.0.0 255.0.0.0 inside
http 64.236.80.62 255.255.255.255 outside
http 81.138.8.33 255.255.255.255 outside
http 64.236.226.116 255.255.255.255 outside
http 0.0.0.0 0.0.0.0 outside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
sysopt noproxyarp inside
crypto ipsec transform-set TRANS_ESP_3DES_SHA esp-3des esp-sha-hmac
crypto ipsec transform-set TRANS_ESP_3DES_SHA mode transport
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto dynamic-map outside_dyn_map 20 set transform-set ESP-3DES-SHA
crypto dynamic-map outside_dyn_map 40 set transform-set ESP-3DES-SHA
crypto dynamic-map outside_dyn_map 60 set transform-set ESP-3DES-SHA
crypto dynamic-map outside_dyn_map 80 set transform-set ESP-3DES-SHA
crypto dynamic-map outside_dyn_map 100 set transform-set ESP-3DES-SHA
crypto dynamic-map outside_dyn_map 120 set transform-set TRANS_ESP_3DES_SHA
crypto map outside_map 20 match address outside_20_cryptomap
crypto map outside_map 20 set peer concisePR
crypto map outside_map 20 set transform-set ESP-3DES-SHA
crypto map outside_map 40 match address outside_40_cryptomap
crypto map outside_map 40 set peer concisePR
crypto map outside_map 40 set transform-set ESP-3DES-SHA
crypto map outside_map 60 match address outside_60_cryptomap
crypto map outside_map 60 set peer 86.7.208.197
crypto map outside_map 60 set transform-set ESP-3DES-SHA
crypto map outside_map 80 ipsec-isakmp dynamic outside_dyn_map
crypto map outside_map interface outside
crypto isakmp enable outside
crypto isakmp policy 10
 authentication pre-share
 encryption 3des
 hash sha
 group 2
 lifetime 86400
tunnel-group DefaultRAGroup general-attributes
 address-pool VPN_IP_POOL
 default-group-policy DefaultRAGroup
tunnel-group DefaultRAGroup ipsec-attributes
 pre-shared-key *
tunnel-group sample_VPN type ipsec-ra
tunnel-group sample_VPN general-attributes
 address-pool VPN_IP_POOL
 default-group-policy sample_VPN
tunnel-group sample_VPN ipsec-attributes
 pre-shared-key *
telnet timeout 5
ssh cdnportal 255.255.255.255 outside
ssh 192.168.168.10 255.255.255.255 outside
ssh 10.132.16.201 255.255.255.255 inside
ssh 172.16.1.2 255.255.255.255 dmz
ssh timeout 5
console timeout 0
dhcpd option 3 ip inside interface inside
!
dhcprelay setroute inside
!
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum 512
policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect esmtp
  inspect sqlnet
  inspect skinny
  inspect sunrpc
  inspect xdmcp
  inspect sip
  inspect netbios
  inspect tftp
  inspect icmp
!
service-policy global_policy global
smtp-server 83.x.x.142
client-update enable
prompt hostname context
Cryptochecksum:a2a5eedb5f4dffbe9e79f2f3a711997b
: end
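Syslog 106015 records a TCP packet the firewall discarded because it matched no entry in its connection table. The following is an added example, not part of the original post: it groups such records per client/server conversation so the affected mail sessions can be counted. Only the first sample line comes from the question; the others are constructed, and treating the lower port number as the service side is an assumption.

```python
import re
from collections import defaultdict

# Message body of syslog 106015, in the form shown in the question's log line.
MSG_106015 = re.compile(
    r"Deny TCP \(no connection\) from "
    r"(?P<src>\d+\.\d+\.\d+\.\d+)/(?P<sport>\d+) to "
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)/(?P<dport>\d+) "
    r"flags (?P<flags>[A-Z ]+?)\s+on interface (?P<ifc>\S+)"
)

# Sample input: line 1 is the record from the question, lines 2-5 are constructed.
SAMPLE_LOG = """\
6 Jul 08 2008 22:28:12 106015 172.16.1.2 10.40.226.31 Deny TCP (no connection) from 172.16.1.2/3534 to 10.40.226.31/25 flags ACK  on interface dmz
6 Jul 08 2008 22:28:15 106015 172.16.1.2 10.40.226.31 Deny TCP (no connection) from 172.16.1.2/3534 to 10.40.226.31/25 flags PSH ACK  on interface dmz
6 Jul 08 2008 22:29:40 106015 172.16.1.2 10.40.226.31 Deny TCP (no connection) from 172.16.1.2/3541 to 10.40.226.31/25 flags FIN ACK  on interface dmz
6 Jul 08 2008 22:30:02 106015 10.40.226.31 172.16.1.2 Deny TCP (no connection) from 10.40.226.31/25 to 172.16.1.2/3534 flags RST  on interface inside
6 Jul 08 2008 22:30:05 (constructed unrelated line, ignored by the parser)
"""


def parse_106015(line):
    """Return the fields of one 106015 record, or None for any other line."""
    m = MSG_106015.search(line)
    if m is None:
        return None
    return {
        "src": m["src"], "sport": int(m["sport"]),
        "dst": m["dst"], "dport": int(m["dport"]),
        "flags": frozenset(m["flags"].split()),
        "ifc": m["ifc"],
    }


def summarize(log_text):
    """Group dropped packets by (client, server, service port).

    Both directions of a conversation fold onto one key. Assumption: the
    endpoint with the lower port number is the server (25 for SMTP here).
    """
    flows = defaultdict(lambda: {"drops": 0, "client_ports": set(),
                                 "interfaces": set(), "flags": set()})
    for line in log_text.splitlines():
        rec = parse_106015(line)
        if rec is None:
            continue
        if rec["sport"] < rec["dport"]:      # packet sent by the server side
            client, cport = rec["dst"], rec["dport"]
            server, svc = rec["src"], rec["sport"]
        else:                                # packet sent by the client side
            client, cport = rec["src"], rec["sport"]
            server, svc = rec["dst"], rec["dport"]
        flow = flows[(client, server, svc)]
        flow["drops"] += 1
        flow["client_ports"].add(cport)      # one client port = one TCP session
        flow["interfaces"].add(rec["ifc"])
        flow["flags"].update(rec["flags"])
    return {
        key: {
            "drops": f["drops"],
            "sessions": len(f["client_ports"]),
            "interfaces": sorted(f["interfaces"]),
            "flags": sorted(f["flags"]),
        }
        for key, f in flows.items()
    }


if __name__ == "__main__":
    ranked = sorted(summarize(SAMPLE_LOG).items(), key=lambda kv: -kv[1]["drops"])
    for (client, server, svc), s in ranked:
        print(f"{client} -> {server}:{svc}  drops={s['drops']} "
              f"sessions={s['sessions']} ifc={','.join(s['interfaces'])} "
              f"flags={','.join(s['flags'])}")
```
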

07.09.2008 at 09:03AM PDT, ID: 21965199

About this solution

Zones: Exchange Email Server, Cisco PIX Firewall
Solution Provided By: Chris-Dent
Participating Experts: 1
Solution Grade: B